legal-response

What this skill does

# /legal-response -- Generate Response from Templates

> If you see unfamiliar placeholders or need to check which tools are connected, see [CONNECTORS.md](../../CONNECTORS.md).

Generate a response to a common legal inquiry using configured templates. Customizes the response with specific details and includes escalation triggers for situations that should not use a templated response.

**Important**: This command assists with legal workflows but does not provide legal advice. Generated responses should be reviewed by qualified legal professionals before being sent, especially for regulated communications.

## Invocation

```
/legal-response [inquiry-type]
```

Common inquiry types:
- `dsr` or `data-subject-request` -- Data subject access/deletion/correction requests
- `hold` or `discovery-hold` -- Litigation hold notices
- `vendor` or `vendor-question` -- Vendor legal questions
- `nda` or `nda-request` -- NDA requests from business teams
- `privacy` or `privacy-inquiry` -- Privacy-related questions
- `subpoena` -- Subpoena or legal process responses
- `insurance` -- Insurance claim notifications
- `custom` -- Use a custom template

If no inquiry type is provided, ask the user what type of response they need and show available categories.

## Workflow

### Step 1: Identify Inquiry Type

Accept the inquiry type from the user. If the type is ambiguous, show available categories and ask for clarification.

### Step 2: Load Template

Look for templates in local settings (e.g., `legal.local.md` or a templates directory).

**If templates are configured:**
- Load the appropriate template for the inquiry type
- Identify required variables (recipient name, dates, specific details)

**If no templates are configured:**
- Inform the user that no templates were found for this inquiry type
- Offer to help create a template (see Template Creation Guide below)
- Provide a reasonable default response structure based on the inquiry type

### Step 3: Check Escalation Triggers

Before generating any response, evaluate whether this situation has characteristics that should NOT use a templated response.

#### Universal Escalation Triggers (Apply to All Categories)
- The matter involves potential litigation or regulatory investigation
- The inquiry is from a regulator, government agency, or law enforcement
- The response could create a binding legal commitment or waiver
- The matter involves potential criminal liability
- Media attention is involved or likely
- The situation is unprecedented (no prior handling by the team)
- Multiple jurisdictions are involved with conflicting requirements
- The matter involves executive leadership or board members

#### Data Subject Request Escalation Triggers
- Request involves a minor's data, or is from/on behalf of a minor
- Request is from a regulatory authority (not an individual)
- Request involves data that is subject to a litigation hold
- Requester is a current or former employee with an active dispute or HR matter
- Request scope is unusually broad or appears to be a fishing expedition
- Request involves data processed in a jurisdiction with unique requirements
- Request involves special category data (health, biometric, genetic)

#### Discovery Hold Escalation Triggers
- The matter involves potential criminal liability
- The preservation scope is unclear, disputed, or potentially overbroad
- There are questions about whether certain data is within scope
- Prior holds for the same or related matter exist
- The hold may affect ongoing business operations significantly
- Hold conflicts with regulatory deletion requirements
- Custodian objects to the hold scope

#### Vendor Question Escalation Triggers
- The question involves a dispute or potential breach
- The vendor is threatening litigation or termination
- The question involves regulatory compliance (not just contract terms)
- The response could create a binding commitment or waiver
- Response could affect ongoing negotiation

#### NDA Request Escalation Triggers
- The counterparty is a competitor
- The NDA involves government classified information
- The business context suggests the NDA is for a potential M&A transaction
- The request involves unusual subject matter (AI training data, biometric data, etc.)

#### Subpoena / Legal Process Escalation Triggers
- **ALWAYS requires counsel review** (templates are starting points only)
- Privilege issues identified
- Third-party data involved
- Cross-border production issues
- Unreasonable timeline

**When an escalation trigger is detected:**
1. **Stop**: Do not generate a templated response
2. **Alert**: Inform the user that an escalation trigger has been detected
3. **Explain**: Describe which trigger was detected and why it matters
4. **Recommend**: Suggest the appropriate escalation path (senior counsel, outside counsel, specific team member)
5. **Offer**: Provide a draft for counsel review (clearly marked as "DRAFT - FOR COUNSEL REVIEW ONLY") rather than a final response

### Step 4: Gather Specific Details

Prompt the user for the details needed to customize the response:

**Data Subject Request:**
- Requester name and contact information
- Type of request (access, deletion, correction, portability, opt-out)
- What data is involved
- Applicable regulation (GDPR, CCPA, CPRA, other)
- Response deadline

**Discovery Hold:**
- Matter name and reference number
- Custodians (who needs to preserve)
- Scope of preservation (date range, data types, systems)
- Outside counsel contact
- Effective date

**Vendor Question:**
- Vendor name
- Reference agreement (if applicable)
- Specific question being addressed
- Relevant contract provisions

**NDA Request:**
- Requesting business team and contact
- Counterparty name
- Purpose of the NDA
- Mutual or unilateral
- Any special requirements

### Step 5: Generate Response

Populate the template with the gathered details. Ensure the response:
- Uses appropriate tone (professional, clear, not overly legalistic for business audiences)
- Includes all required legal elements for the response type
- References specific dates, deadlines, and obligations
- Provides clear next steps for the recipient
- Includes appropriate disclaimers or caveats

Present the draft response to the user for review before sending.

#### Customization Guidelines

**Required customization** — Every templated response MUST be customized with:
- Correct names, dates, and reference numbers
- Specific facts of the situation
- Applicable jurisdiction and regulation
- Correct response deadlines based on when the inquiry was received
- Appropriate signature block and contact information

**Tone adjustment** — Adjust tone based on:
- **Audience**: Internal vs. external, business vs. legal, individual vs. regulatory authority
- **Relationship**: New counterparty vs. existing partner vs. adversarial party
- **Sensitivity**: Routine inquiry vs. contentious matter vs. regulatory investigation
- **Urgency**: Standard timeline vs. expedited response needed

**Jurisdiction-specific adjustments:**
- Verify that cited regulations are correct for the requester's jurisdiction
- Adjust timelines to match applicable law
- Include jurisdiction-specific rights information
- Use jurisdiction-appropriate legal terminology

### Step 6: Template Creation (If No Template Exists)

If the user wants to create a new template, walk through the Template Creation Guide (see below) and present the finished template for review. Suggest the user save the approved template to their local settings for future use.

## Response Categories

### 1. Data Subject Requests (DSRs)

**Sub-categories**:
- Acknowledgment of receipt
- Identity verification request
- Fulfillment response (access, deletion, correction)
- Partial denial with explanation
- Full denial with explanation
- Extension notification

**Key template elements**:
- Reference to applicable regulation (GDPR, CCPA, etc.)
- Specific timeline for response
- Identity verification requirements
- Rights of the