LegalFab Platform - Documentation

Version: 1.2 Last Updated: January 2026

Executive Summary

LegalFab is an AI-powered legal technology platform built on a metadata-driven architecture that provides unified access to distributed data assets while maintaining strict security controls. The platform enables natural language interaction across all components via an intelligent conversational interface, supports configurable automation levels from fully manual to fully automated, and integrates with 200+ data sources, including regulatory registers.

Platform Architecture Components:

Component Purpose Security Relevance
Knowledge Fabric Active metadata, knowledge graph, entity resolution, 200+ MCP connectors Data access control, credential management, source provenance
Studio Agent creation, widgets, datasets, workflow design, operational modes Execution sandboxing, schema-driven processing, human-in-the-loop controls
Dialog Conversational interface, NLU, multi-level query processing, cross-platform context Input validation, session security, function routing authorization
AI & LLM Layer LightLLM-based inference, provider agnostic, output consistency, model provenance Prompt security, schema validation, A/B testing
DevOps Infrastructure CI/CD pipelines, deployment automation Code security, vulnerability management

Key Security Characteristics:

  • Defense-in-depth architecture with multiple security layers
  • Zero-trust access model with continuous verification
  • End-to-end encryption for data in transit and at rest
  • Comprehensive audit logging with tamper-evident storage
  • Privacy-by-design with data minimization principles
  • Compliance-ready controls for GDPR, SOC 2, AML regulations, and legal industry standards
  • Schema-bounded extraction preventing hallucination and ensuring data quality
  • Five operational modes enabling configurable human oversight

Platform Capabilities

Knowledge Fabric

The Knowledge Fabric serves as the foundational data integration and intelligence layer, implementing a metadata-driven architecture that provides unified access while leaving source data in place.

Capability Description
Persistent Knowledge Graph Corporate memory with schema-bounded extraction and source provenance
Entity Resolution Cross-source entity matching with golden record management
200+ MCP Connectors Federated queries across databases, SaaS, legal systems, and corporate registries
Two-Way Data Flow Read from and write back to source systems
Search Sessions Iterative exploration with accumulated context
Data Observability Quality monitoring, freshness tracking, automated alerts

Studio

The Studio provides the development environment for building AI agents, widgets, datasets, and multi-agent workflows.

Capability Description
Agent Creation Domain-driven flow with schema selection, natural language definition, and testing
Widgets Agents with visual interface components (charts, tables, custom views)
Datasets Structured data collections with schema enforcement and access controls
Business Domain Discovery Extract schemas from documents to define entity structures
Chain of Agents Multi-agent orchestration with sequential, parallel, and hierarchical patterns
Operational Modes Five modes from traditional platform (Mode 0) to fully automated with audit (Mode 4)
Text-to-Pipeline Natural language workflow generation with DSL output

Dialog

The Dialog component provides the central conversational intelligence layer enabling natural language interaction across all platform components.

Capability Description
Intelligent Routing Automatically routes queries to Knowledge Fabric, Studio, Marketplace, or Exchange
Natural Language Understanding Intent classification, entity extraction, context analysis
Multi-Level Query Processing Handles complex queries requiring multiple platform components
Cross-Platform Continuity Maintains context between web and messaging applications
Long-Term Memory Preserves conversation history across sessions
Document Processing Handles document uploads within conversations
Intelligent Caching Two-layer caching (exact match + semantic) for performance

AI & LLM Layer

The AI layer provides secure, provider-agnostic LLM integration with comprehensive monitoring and quality controls.

Capability Description
LightLLM Gateway Provider-agnostic interface supporting multiple LLM providers
Output Consistency Schema-validated extraction and ontology-based execution
Model Provenance Tracking of model versions and configurations
Quality Assurance Feedback loops, accuracy monitoring, reasoning chain transparency

Document Structure

Document Content
01-Introduction Platform overview and security summary
02-Architecture System architecture, deployment models, security boundaries
03-Knowledge-Fabric Knowledge graph, entity resolution, MCP connectors, corporate ownership integration
04-Studio Agent creation, widgets, datasets, operational modes, workflows
05-AI-LLM LLM security, output consistency, model provenance, quality assurance
06-CI-CD CI/CD pipeline security
07-Security-Operations SOC, monitoring, and incident response
08-AML-Compliance AML rule engine, BPM workflows, screening
09-Schema-Management Business domain discovery, schema registry
10-Compliance-Capabilities Platform compliance features, legal hold, retention management
11-API-Security API gateway, authentication, rate limiting
12-Dialog Conversational interface, NLU, state machine, context management

Security Principles

LegalFab implements the following core security principles:

Principle Implementation
Defense in Depth Multiple independent security layers across all components
Least Privilege Minimum necessary access granted, permission propagation controls
Zero Trust All requests are authenticated regardless of source, with continuous verification
Data Minimization Only essential data collected; metadata-only architecture leaves source data in place
Encryption Everywhere Data encrypted at rest and in transit with AES-256 and TLS 1.3
Audit Everything Comprehensive logging with tamper-evident storage and full provenance
Schema-Driven Security All data extraction and processing bounded by user-defined schemas
Human-in-the-Loop Configurable automation levels with escalation and approval workflows

Operational Modes

The platform supports five operational modes enabling organizations to balance automation with human oversight:

Mode Name Description
0 Traditional Platform No AI agents; manual investigation and analysis
1 AI-Assisted Manual Agents in suggest-only mode; all decisions require human approval
2 Routine Automation Agents handle routine tasks; humans focus on analysis and decisions
3 Autonomous with Escalation Full investigation automation; escalation on exceptions
4 Fully Automated with Audit End-to-end automation; post-investigation human audits

Regulatory Compliance

The platform is designed to support compliance with:

Regulation Coverage
GDPR Data subject rights, consent management, data minimization
CCPA/CPRA California privacy requirements
Money Laundering Regulations 2017 Independent verification, ownership analysis, record retention
SOC 2 Security, availability, processing integrity
FCA Requirements Financial services regulatory compliance
Legal Industry Standards Matter confidentiality, conflict checking, privilege protection

Contact

For security inquiries or to request additional documentation, please contact the LegalFab security team through your account representative.