ElasticFlow
Legal Plugin

When a DSAR or litigation hold lands in your inbox, /legal-response drafts the reply from your templates with built-in escalation checks. — Claude Skill

A Claude Skill for Claude Code by Anthropic — run /legal-response in Claude·Updated

Compatible withChatGPT·Claude·Gemini·OpenClaw

Draft DSARs, holds, vendor replies and NDAs from your templates.

  • Categories: DSARs, litigation holds, vendor questions, NDAs, privacy inquiries, subpoenas, insurance
  • Escalation checks: regulator contact, criminal exposure, M&A context, minor's data, special-category data
  • Jurisdiction-aware timelines: GDPR 30 days, CCPA 45 days, LGPD 15 days
  • Template-driven: load your firm's library and customize variables
  • Subpoenas always flagged for counsel review, never auto-templated

Who this is for

Corporate Counsel

Draft DSARs, holds, and vendor replies in 15 minutes from your templates instead of starting from scratch every time

See skills for this role
Contract Manager

Auto-draft NDA replies and vendor questions while flagging anything that needs senior counsel

See skills for this role

What it does

15th DSAR this month, all from California

Same template, different name. /legal-response drafts the CCPA acknowledgment within the 10-business-day window, populates the 45-day substantive deadline, and skips fields that need verification. You review and send instead of starting from scratch.

Litigation hold notice for 50+ custodians

/legal-response generates the Privileged & Confidential hold notice with matter reference, scope, date range, document types, and acknowledgment requirement — plus a tracker for who hasn't acknowledged by the deadline.

Vendor's counsel asks about an indemnification clause

/legal-response loads your standard vendor reply template, references the exact contract section, and flags that the vendor's tone suggests potential dispute — recommends escalating to senior counsel before responding.

Sales asks for an NDA with a competitor

/legal-response detects the escalation trigger (counterparty is a competitor), refuses to generate a templated reply, and instead drafts a 'DRAFT — FOR COUNSEL REVIEW ONLY' version with the competitive risk flagged.

How it works

1

Pick the inquiry type: dsr / hold / vendor / nda / privacy / subpoena / insurance

2

Skill loads the matching template from your local settings

3

Runs escalation triggers — stops cold if regulator, criminal, M&A, or special-category data

4

Prompts for variables: requester name, dates, scope, jurisdiction

5

Generates the reply with correct deadlines, jurisdiction-specific rights, and follow-up actions

Example

Your inquiry
DSAR from Maria Rodriguez (California resident), requesting access to all personal information collected, dated 2026-04-08.
Drafted reply — 12 minutes
Escalation Check
PASS — no triggers detected. Requester is an individual (not regulator), no litigation hold on file, no minor's data, standard CCPA scope.
Subject
Your CCPA Right to Know Request — Reference DSR-2026-0419
Body
Dear Maria,

We received your request dated April 8, 2026 to access the personal information we have collected about you under the California Consumer Privacy Act.

We will verify your identity within the next 10 business days and provide a substantive response by May 23, 2026 (the 45-day CCPA deadline).

To verify your identity, please reply with: (1) the email associated with your account, and (2) a recent transaction reference.

You have the right to lodge a complaint with the California Attorney General if you are not satisfied with our response.

[Signature block]
Follow-Up Actions
1. Set calendar reminder: identity verification by 2026-04-22
2. Set calendar reminder: substantive response by 2026-05-23
3. Log request in DSR tracker with assigned handler
4. Assemble personal data export from connected systems

Metrics this improves

NDA Turnaround
NDA replies drafted from template in minutes, business unblocked same-day
Legal
DSAR Response Time
DSAR drafted in 15 minutes from CCPA/GDPR template instead of 4 hours from scratch
Legal
Strategic vs Reactive Work
Routine replies templated, counsel only engages on escalation triggers
Legal

Works with

Gmail
manual

Drafts replies as Gmail messages, sets follow-up reminders

Outlook
manual

Drafts replies as Outlook messages with calendar reminders for deadlines

Ironclad
manual

References vendor contracts when drafting vendor question replies

NetDocuments
manual

Loads response templates from NetDocuments library

iManage
manual

Loads response templates from iManage workspace

Ready to install Legal Response from Templates?

Choose how to get started.

Run in Claude Code
Free. Open source.

Install and run this plugin locally on your computer.

1
Install Claude Code

Open a terminal on your computer and paste this command:

2
Install the plugin

This downloads the plugin with all its files to your computer:

Add -g at the end to make it available in all your projects.

3
Run it

Start Claude Code, then type the command:

then
View source on GitHub
Use on ElasticFlow
Team and collaboration features

Shared workspaces, usage analytics, and managed integrations.

Free 14-day trial. Cancel anytime.

View on GitHub

/legal-response -- Generate Response from Templates

Generate a response to a common legal inquiry using configured templates. Customizes the response with specific details and includes escalation triggers for situations that should not use a templated response.

Important: This command assists with legal workflows but does not provide legal advice. Generated responses should be reviewed by qualified legal professionals before being sent, especially for regulated communications.

Common inquiry types

  • dsr / data-subject-request -- Data subject access/deletion/correction requests
  • hold / discovery-hold -- Litigation hold notices
  • vendor / vendor-question -- Vendor legal questions
  • nda / nda-request -- NDA requests from business teams
  • privacy / privacy-inquiry -- Privacy-related questions
  • subpoena -- Subpoena or legal process responses
  • insurance -- Insurance claim notifications
  • custom -- Use a custom template

Workflow

  1. Identify Inquiry Type — accept type from user; if ambiguous, show categories.
  2. Load Template — look in local settings (legal.local.md or templates dir). If none, offer to help create one or use a default structure.
  3. Check Escalation Triggers — before generating, evaluate whether this situation should NOT use a templated response.
  4. Gather Specific Details — prompt for variables (requester name, dates, references, scope, jurisdiction).
  5. Generate Response — populate template, customize tone, present draft for review.
  6. Template Creation — if no template exists, walk through creation guide.

Universal Escalation Triggers (apply to all categories)

  • Matter involves potential litigation or regulatory investigation
  • Inquiry from a regulator, government agency, or law enforcement
  • Response could create a binding legal commitment or waiver
  • Matter involves potential criminal liability
  • Media attention involved or likely
  • Situation is unprecedented (no prior handling by team)
  • Multiple jurisdictions with conflicting requirements
  • Matter involves executive leadership or board members

Category-Specific Escalation Triggers

Data Subject Request

  • Request involves a minor's data
  • From a regulatory authority (not individual)
  • Data subject to litigation hold
  • Requester is current/former employee with active dispute
  • Unusually broad scope or fishing expedition
  • Special category data (health, biometric, genetic)

Discovery Hold

  • Potential criminal liability
  • Preservation scope unclear or disputed
  • Prior holds for related matter
  • Hold conflicts with regulatory deletion requirements

Vendor Question

  • Dispute or potential breach
  • Vendor threatening litigation/termination
  • Regulatory compliance question
  • Could create binding commitment

NDA Request

  • Counterparty is a competitor
  • Government classified information
  • Potential M&A context
  • Unusual subject matter (AI training data, biometric)

Subpoena / Legal Process

  • ALWAYS requires counsel review (templates are starting points only)

When escalation trigger detected

  1. Stop: do not generate templated response
  2. Alert: inform user
  3. Explain: which trigger and why
  4. Recommend: appropriate escalation path
  5. Offer: draft for counsel review only ("DRAFT - FOR COUNSEL REVIEW ONLY")

Response Categories with Template Structure

Data Subject Requests (DSRs)

Sub-categories: acknowledgment, verification request, fulfillment, partial denial, full denial, extension notification. Required elements: applicable regulation, timeline, identity verification, rights of data subject, contact info.

Discovery Holds

Sub-categories: initial hold notice, reminder/reaffirmation, scope modification, hold release. Required elements: matter name and reference, preservation obligations, scope (date range, data types, systems), prohibition on spoliation, acknowledgment requirement.

Privacy Inquiries

Sub-categories: cookie/tracking, privacy policy, data sharing, children's data, cross-border transfer.

Vendor Legal Questions

Sub-categories: contract status, amendment request, compliance certification, audit request, insurance certificate.

NDA Requests

Sub-categories: send standard form, accept counterparty NDA with markup, decline with explanation, renewal/extension.

Subpoena / Legal Process

Sub-categories: acknowledgment, objection letter, extension request, compliance cover letter. Critical: subpoena responses almost always require individualized counsel review.

Insurance Notifications

Sub-categories: initial claim, supplemental information, reservation of rights response.

Customization Guidelines

Required: correct names/dates/references, specific facts, applicable jurisdiction and regulation, correct response deadlines, signature block.

Tone adjustment by audience (internal/external, business/legal, individual/regulatory), relationship (new/existing/adversarial), sensitivity (routine/contentious/investigation), urgency.

Jurisdiction-specific: verify cited regulations, adjust timelines to applicable law, include jurisdiction-specific rights, use appropriate terminology.

Template Lifecycle

Creation → Review → Publication → Use → Feedback → Update → Retirement.

Each template should include: category, name, use case, escalation triggers, required variables, body with placeholders, follow-up actions, last reviewed date.

Notes

  • Always present draft for user review before suggesting it be sent
  • If connected to email via MCP, offer to create a draft email
  • Track response deadlines, offer calendar reminders
  • For regulated responses (DSRs, subpoenas), always note applicable deadlines
  • Templates should be living documents — suggest updates when modified