Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

casemark/risk-assessment

Name: risk-assessment
Author: casemark

skills/legal/risk-assessment/SKILL.md

npx skillsauth add casemark/skills risk-assessment

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Legal Risk Assessment

Produces executive-ready risk reports evaluating likelihood, impact, and mitigation across legal risk categories for business scenarios, transactions, or operational decisions.

Prerequisites

Gather before starting:

Scenario description — transaction summary, venture details, or decision under review
Source documents — contracts, term sheets, regulatory filings, corporate records
Organizational context — industry, jurisdiction(s), risk tolerance, strategic objectives
Known constraints — timeline, budget, regulatory environment, stakeholder concerns

Workflow

1. Document Review

Extract from all provided materials:

| Element | Look For | |---|---| | Obligations & duties | Performance requirements, deadlines, conditions precedent | | Representations & warranties | Scope, survival periods, indemnification triggers | | Financial exposure | Stated amounts, penalties, liquidated damages | | Jurisdictional issues | Choice of law, forum selection, regulatory bodies | | Notice & cure provisions | Timelines, methods, non-compliance consequences | | Ambiguous or silent terms | Missing definitions, unclear risk allocation, gaps |

2. Risk Identification

Categorize all material risks:

| Category | Key Inquiry | |---|---| | Regulatory compliance | Licensing, permits, reporting, pending rule changes | | Contractual liability | Breach exposure, indemnification chains, liability gaps | | Litigation probability | Dispute history, enforceability, venue risk | | IP vulnerability | Ownership disputes, licensing gaps, infringement exposure | | Employment & labor | Classification, non-competes, WARN Act, benefits | | Tax implications | Structure-dependent exposure, transfer pricing, nexus | | Reputational & governance | Fiduciary duties, disclosure obligations, ESG |

3. Risk Scoring

Rate each risk on a 5x5 matrix. Rating = Likelihood x Impact.

Likelihood: 1 Remote — 2 Unlikely — 3 Possible — 4 Likely — 5 Near certain

Impact: 1 Negligible (<$50K) — 2 Minor ($50K–$500K) — 3 Moderate ($500K–$5M) — 4 Major ($5M–$50M) — 5 Severe (>$50M)

Thresholds: Low (1–6), Medium (7–12), High (13–19), Critical (20–25)

4. Mitigation Strategies

For each Medium/High/Critical risk, propose mitigations and assess feasibility, cost, and residual risk:

| Strategy | Examples | |---|---| | Eliminate | Restructure transaction, remove problematic terms | | Transfer | Insurance, indemnification, contractual risk allocation | | Reduce | Compliance protocols, enhanced due diligence, reps & warranties | | Accept | Document rationale, establish reserves, monitor triggers |

5. Gap Analysis

Flag explicitly:

Missing documents or facts affecting risk precision
Unsettled legal standards or pending regulatory changes
Recommended due diligence steps or expert consultations

Output Structure

## Executive Summary
- 3–5 sentence risk posture overview
- Top 3 risks with ratings
- Go / No-Go / Conditional recommendation

## Risk Matrix
[Table: Risk | Category | Likelihood | Impact | Rating | Key Driver]

## Detailed Risk Analysis
### [Risk Category]
#### [Specific Risk]
- **Exposure**: factual basis with document references
- **Legal basis**: applicable statute or case law
- **Likelihood rationale**: enforcement trends, precedent
- **Impact quantification**: dollar range, operational consequences
- **Mitigation options**: ranked by effectiveness

## Information Gaps & Limitations
[Bulleted list with recommended next steps]

## Recommendations
- Numbered, actionable items tied to specific risks
- Prioritized by risk rating and feasibility
- Decision framework: proceed / modify / decline

Checks

Reference specific contract sections, statutes, and facts — no generic risk language
Quantify exposure with dollar ranges; acknowledge uncertainty explicitly
Calibrate recommendations to the organization's stated risk tolerance
Distinguish deal-breakers from commercially acceptable risks
Mark unverifiable authority with [VERIFY]
Do not minimize risks to favor a preferred outcome
Note jurisdiction-specific variations where U.S. state law divergence is material
Keep the executive summary accessible to non-lawyers

casemark/risk-assessment

skills/legal/risk-assessment/SKILL.md

Generates structured legal risk assessment reports with categorized risks, 5x5 scoring matrices, and mitigation strategies. Use when preparing risk assessments, due diligence reports, transaction risk reviews, venture analysis, or board-level risk summaries.

12 stars

development

Updated Apr 17, 2026

$ install --global

skillsauth

npx skillsauth add casemark/skills risk-assessment

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 17, 2026, 2:17 PM12.8s1 file scanned

SKILL.md

name:: risk-assessment
description:: Generates structured legal risk assessment reports with categorized risks, 5x5 scoring matrices, and mitigation strategies. Use when preparing risk assessments, due diligence reports, transaction risk reviews, venture analysis, or board-level risk summaries.

Legal Risk Assessment

Produces executive-ready risk reports evaluating likelihood, impact, and mitigation across legal risk categories for business scenarios, transactions, or operational decisions.

Prerequisites

Gather before starting:

Scenario description — transaction summary, venture details, or decision under review
Source documents — contracts, term sheets, regulatory filings, corporate records
Organizational context — industry, jurisdiction(s), risk tolerance, strategic objectives
Known constraints — timeline, budget, regulatory environment, stakeholder concerns

Workflow

1. Document Review

Extract from all provided materials:

2. Risk Identification

Categorize all material risks:

3. Risk Scoring

Rate each risk on a 5x5 matrix. Rating = Likelihood x Impact.

Likelihood: 1 Remote — 2 Unlikely — 3 Possible — 4 Likely — 5 Near certain

Impact: 1 Negligible (<$50K) — 2 Minor ($50K–$500K) — 3 Moderate ($500K–$5M) — 4 Major ($5M–$50M) — 5 Severe (>$50M)

Thresholds: Low (1–6), Medium (7–12), High (13–19), Critical (20–25)

4. Mitigation Strategies

For each Medium/High/Critical risk, propose mitigations and assess feasibility, cost, and residual risk:

5. Gap Analysis

Flag explicitly:

Missing documents or facts affecting risk precision
Unsettled legal standards or pending regulatory changes
Recommended due diligence steps or expert consultations

Output Structure

## Executive Summary
- 3–5 sentence risk posture overview
- Top 3 risks with ratings
- Go / No-Go / Conditional recommendation

## Risk Matrix
[Table: Risk | Category | Likelihood | Impact | Rating | Key Driver]

## Detailed Risk Analysis
### [Risk Category]
#### [Specific Risk]
- **Exposure**: factual basis with document references
- **Legal basis**: applicable statute or case law
- **Likelihood rationale**: enforcement trends, precedent
- **Impact quantification**: dollar range, operational consequences
- **Mitigation options**: ranked by effectiveness

## Information Gaps & Limitations
[Bulleted list with recommended next steps]

## Recommendations
- Numbered, actionable items tied to specific risks
- Prioritized by risk rating and feasibility
- Decision framework: proceed / modify / decline

Checks

Reference specific contract sections, statutes, and facts — no generic risk language
Quantify exposure with dollar ranges; acknowledge uncertainty explicitly
Calibrate recommendations to the organization's stated risk tolerance
Distinguish deal-breakers from commercially acceptable risks
Mark unverifiable authority with [VERIFY]
Do not minimize risks to favor a preferred outcome
Note jurisdiction-specific variations where U.S. state law divergence is material
Keep the executive summary accessible to non-lawyers

Related Skills

casemark/skills/legal/automated-contract-summary

development

VerifiedTrustedCommunity

name: automated-contract-summary language: en description: Generates structured executive summaries of contracts using ML — captures key terms, party obligations, risk allocations, and compliance requirements in a standardized format. Optimized for high-volume review where speed and consistency matter. tags: - summarization - agreement - corporate --- # Automated Contract Summarization Produces standardized executive summaries of contracts using machine learning, capturing essential term

21SKILL.mdUpdated May 26, 2026

casemark/skills/legal/automated-contract-summary

casemark/obligation-mapping

tools

VerifiedTrustedCommunity

Extracts regulatory obligations from dense regulations across jurisdictions. Breaks down multi-level regulations into clear article-level obligations, classifies applicability to a business, and prioritizes by risk level. Use when translating regulations into actionable compliance requirements.

21SKILL.mdUpdated May 25, 2026

casemark/obligation-mapping

casemark/horizon-scanning

development

VerifiedTrustedCommunity

Continuously monitors regulatory landscapes for changes relevant to a specific business. Ingests global regulatory updates, filters by relevance, summarizes impact, and produces an actionable change advisory. Use when tracking regulatory developments affecting a particular product or market.

21SKILL.mdUpdated May 25, 2026

casemark/horizon-scanning

casemark/gap-analysis

testing

VerifiedTrustedCommunity

Compares an organization's existing compliance controls, policies, and procedures against extracted regulatory obligations to identify coverage gaps. Produces a remediation plan with prioritized actions. Use when assessing compliance maturity or preparing for regulatory audits.

21SKILL.mdUpdated May 25, 2026

casemark/gap-analysis

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/casemark/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/skills/legal/risk-assessment ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

casemark/skills

12 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT