Built for law firms and in-house legal departments
AI agents built for attorney-client privilege.
Law firms and legal departments are deploying agents for contract review, e-discovery, and M&A due diligence. In February 2026, the SDNY ruled in United States v. Heppner that AI-generated documents lack privilege protection without documented attorney involvement. Record creates that documentation trail as a structural property of how agents run.
Agents you can deploy today.
Every agent ships with Cedar policies pre-configured for legal compliance requirements. Deploy in minutes, not quarters.
Contract Review Agent
Analyzes commercial contracts for non-standard terms, risk positions, and missing provisions. Matter-level isolation enforced at the kernel — an agent reviewing Acme contracts cannot access documents from any other client matter under any circumstances, regardless of what instructions it receives.
M&A Due Diligence Agent
Processes data room documents, extracts material facts, and flags representation and warranty risks. All LLM queries are logged per client matter — providing the documented chain of attorney supervision that courts now require following Heppner, and protecting M&A communications from post-closing discovery.
E-Discovery Agent
Reviews document collections for relevance, privilege, and responsiveness. Routes every privilege determination to attorney review before any document enters a production set. Generates a complete chain of custody — timestamped attorney approval for each decision — satisfying FRE 502 clawback protections.
Regulatory Monitoring Agent
Continuously monitors regulatory changes across jurisdictions, maps changes to client obligations, and drafts compliance memos. All client data access scoped per matter — the agent surfaces what changed, but attorney review gates any client-facing advice delivery.
Conflict Check Agent
Runs conflict analysis against the firm's matter database when new engagements are opened. Cedar policies prevent the agent from accessing matter details beyond what conflict analysis requires — protecting privilege on active matters from the conflict check process itself.
In United States v. Heppner (SDNY, February 2026), Judge Rakoff ruled that documents created with Claude and transmitted to counsel were not protected by attorney-client privilege — on three grounds: the AI is not an attorney, the outputs weren't confidential given third-party data sharing policies, and the documents weren't created at the direction of counsel. Separately, Mayer Brown and others have documented that AI prompts describing disclosure obligations in M&A due diligence may become discoverable in post-closing litigation. The agent that reviews 10,000 contracts needs a provable record of attorney supervision at every consequential step, or the work product doctrine does not attach.
Governance built for legal.
Post-Heppner privilege protection built in
After United States v. Heppner (SDNY, Feb 2026), AI-generated work product requires documented attorney involvement to retain privilege. Record's Context Graph logs every document accessed, every LLM query issued, and every decision made — with the reviewing attorney's approval status attached. The attorney involvement Heppner requires is a structural property of how the agent runs, not a retroactive documentation exercise.
Matter isolation enforced at the kernel, not the application
Cedar policies enforce matter-level isolation at the Kernel Sandbox — agents working on one client matter cannot access documents from another regardless of prompt instructions. A prompt injection attack embedded in a counterparty's contract metadata cannot cause the agent to exfiltrate another client's negotiating positions — the kernel blocks the access before it executes.
HITL for every privilege determination
Discovery privilege review routes every potentially privileged document through attorney sign-off before production. Record captures the reviewing attorney's identity, timestamp, and decision — creating the FRE 502 chain of custody that prevents inadvertent production from becoming a permanent privilege waiver.
M&A AI communications protected from discovery
Due diligence AI prompts describing disclosure obligations and legal exposure may be discoverable in post-closing litigation. Record's AI Gateway logs all LLM queries per client matter with contractual confidentiality — the same perimeter as attorney work product. Sellers' AI analysis of disclosure risk cannot be subpoenaed without confronting the same protections as attorney communications.
Three gates. Every action. Zero exceptions.
Every agent action passes through all three enforcement layers simultaneously — not just one. Here's what that means for legal.
Cedar policy enforces matter-level data isolation before any tool executes. Any access outside the scoped matter list is denied at Gate 1. Privilege determinations always require attorney HITL before execution — creating the documented attorney direction that Heppner requires for privilege protection to attach.
All LLM interactions logged per client matter with contractual confidentiality — providing the documented chain of attorney oversight courts now require. Content filtering prevents client confidential information from appearing in shared prompt context. M&A due diligence queries archived with work-product-equivalent protection.
eBPF sandbox prevents privileged documents from being sent to unauthorized endpoints or accessed through any path that bypasses matter-level access controls. Prompt injection attacks embedded in counterparty documents cannot cause data exfiltration — the kernel drops unexpected outbound connections before any data moves.
Ready to govern agents in Legal?
See how Record works for your team in a 30-minute demo.