Shield AI

Enterprise Contract Intelligence

Live · All agents ready

Multi-agent AI platform for enterprise contract review — HIPAA · SOC 2 · GDPR

Upload Contract Review Queue

Total Contracts

Processed

Avg Risk Score

Anomalies Flagged

Risk Dashboard Recent Uploads Ask Shield AI

Pipeline

6-Agent Processing Pipeline

🤖 Primary: Gemini 2.5 Flash-Lite↩ Fallback: Gemini 1.5 Flash

Agent 4No LLM

Security Gate

Runs at upload — pre-LLM threat screening

🤖 Lobster Trap + Offline Detector

Prompt injection detection
Malicious payload scanning
Quarantine before any LLM call
Offline-safe regex fallback

Agent 0Fast

Contract Classifier

Determines type, sector & applicable frameworks

🤖 Gemini 2.5 Flash-Lite

Contract type (MSA / NDA / DPA / BAA…)
Industry sector (Healthcare / Fintech…)
Jurisdiction & governing law
Applicable frameworks (HIPAA / GDPR / SOC 2…)

Agent 1Fast

Document Extraction

Structured data from raw contract text

🤖 Gemini 2.5 Flash-Lite

Parties & signatories
Effective & expiry dates
Key obligations & clauses
Executive summary

Agent 2RAG

Risk Assessment

Semantic risk scoring with RAG retrieval

🤖 Gemini 2.5 Flash-Lite + Pinecone RAG

Composite risk score (0–100)
Critical / High / Medium findings
Severity classification
Peer contract comparison

Agent 3RAG

Compliance Check

Multi-framework regulatory verification

🤖 Gemini 2.5 Flash-Lite + Pinecone RAG

HIPAA pass / fail per clause
SOC 2 pass / fail per clause
GDPR pass / fail per clause
Gap analysis & evidence citations

Agent 5No LLM

Approval Scoring

Policy engine — deterministic, no LLM

🤖 Policy-based · No LLM

AUTO_APPROVE
MANAGER_REVIEW
LEGAL_REVIEW
REJECT

Storage

Data Layer

PostgreSQL

Primary relational store · 0 contracts

▸Contracts, extractions, risk findings
▸Compliance results & audit events
▸Human decisions + scoring feedback
▸Comments, assignments & escalations

Pinecone Vector DB

Semantic search & RAG retrieval

▸contracts namespace — peer contract embeddings
▸policies namespace — HIPAA / SOC 2 / GDPR corpus
▸Cosine similarity retrieval for agents 2 & 3
▸Real-time upsert on every processed contract

Architecture

How it works

FastAPI BackendAsync agent orchestrationSector-aware scoringHuman feedback loopFull audit trailRole-based accessPinecone RAGPostgreSQL persistence

Access

User Roles & Permissions

📋

Procurement Analyst

Entry-level operator who initiates the review pipeline.

Can do

✓Upload single & bulk contracts
✓View all uploaded contracts
✓Delete own uploads

Cannot

✕Approve or reject contracts
✕Access audit trail
✕Assign reviewers

📊

Compliance Officer

Reviews contracts routed to the manager queue.

Can do

✓Approve / reject manager-review contracts
✓Comment & annotate clauses
✓Escalate to Legal team

Cannot

✕Approve legal-review contracts
✕Modify scoring policy

⚖️

Legal Reviewer

Senior gatekeeper for high-risk or escalated contracts.

Can do

✓Approve / reject legal-review contracts
✓Comment & annotate clauses
✓Escalate to Executive

Cannot

✕Modify scoring rules
✕Delete contracts

👔

Executive

Strategic oversight with read access across all queues.

Can do

✓View all contracts & queues
✓Add comments & annotations
✓Approve if escalated

Cannot

✕Initiate uploads
✕Modify scoring policy

🔍

Auditor

Read-only compliance monitor with full audit access.

Can do

✓View all contracts & queues
✓Access full audit log
✓Add read-only comments

Cannot

✕Approve or reject contracts
✕Upload contracts
✕Modify any data

Navigate

Quick Navigation

Upload

Upload single or bulk contracts

Recent Uploads

Browse & inspect all contracts

Risk Dashboard

Portfolio risk analytics

Review Queue

Approve, reject or escalate

Security

Quarantine & threat log

Ask Shield AI

Natural language contract Q&A

Audit Log

Immutable event history

Scoring Policy

Adjust weights & thresholds

Data Recovery

Cache fallback & service health