the harness

The platform for high-stakes document work.

The Danielle Harness is a standalone platform for verified, traceable, playbook-driven AI execution. Buy it as a platform. Run our vertical products on it. Or build your own.

Talk to the teamSee products built on it ↓
legalfinancial servicescybersecurityhealthcare
the generalization

Same harness. Different vocabulary.

The harness is domain-agnostic. The playbook is domain-specific. Swap the playbook — and the prompts and tools it implies — and the same execution infrastructure runs a redline, a control-mapping, a diligence trace.

  • STAYS THE SAME
    The HARNESS
    ingest, decompose, execute, verify, emit, audit
  • CHANGES
    The PLAYBOOK
    legal positions ↔ financial covenants ↔ regulatory controls ↔ clinical criteria
  • CHANGES
    The TOOLSET
    DOCX redliner ↔ control-matrix writer ↔ disclosure assembler ↔ chart abstractor
STAGE
LEGAL · redlining
FINANCE · diligence
CYBER · controls mapping
HEALTH · medical records
INGEST
MSA, NDA, DPA (DOCX)
side letters, credit docs (PDF)
policy set, evidence (PDF/IMG)
chart, claims, HL7/FHIR feed
DECOMPOSE
clauses → positions
terms → obligations & covenants
controls → requirements
encounters → events
EXECUTE
find_clause, propose_redline
trace_chain, test_covenant
map_control, find_evidence
find_criterion, abstract_event
VERIFY
cite to playbook + precedent
cite to term + assignment
cite to control + artifact
cite to chart page + criterion
EMIT
tracked-changes DOCX
diligence trace / covenant report
ControlMatrix (SOC 2)
ChartAbstract / decision packet
AUDIT
rule + cite + sig
term + cite + sig
control + cite + sig
criterion + cite + sig
the pattern that repeats

Four pain points. Every regulated industry.

Look at a procurement deal desk, a regulatory filings group, and a SOC 2 control owner. The artifacts differ. The workflow does not.

Opaque rules

The rules that govern the work live in playbooks, policies, regs, precedent — not in any one place.

Document-heavy

The work is the document. Every artifact runs to thousands of pages of dependent context.

High cost of error

A missed clause, a missed control, a misread clinical finding — an enforcement action, a lawsuit, a breach, a denied claim.

Long validation cycles

Output has to be defended. To a regulator, an auditor, a court, the other side of the table.

the architecture

Six stages. Versioned. Auditable.

Every job passes the same six stages. The output is signed against a playbook version and written back into your original file by a custom compiler — nothing outside the touched spans is reformatted or broken.

INGEST
Native artifacts in — even handwritten, scanned, and faxed. Typed objects out.
~/harness/stage/ingest.ts
// Accept whatever the team already works with — including the messy.
ingest(file: DOCX | PDF | EML | IMG | SCAN | FAX): Document[]

interface Document {
  id:           string
  source:       "docx" | "pdf" | "eml" | "scan" | "fax"
  text_blocks:  TextBlock[]      // ordered, spanned to bytes
  handwriting:  Span[]           // OCR'd, transcribed, low-confidence flagged
  tables:       Table[]
  redactions:   Span[]           // preserved, not flattened
  metadata:     {
    author:   string
    revised:  ISO8601
    sha256:   string
  }
}

// Handwritten notes, faxed pages, 800-page scans — read, not rejected.
DECOMPOSE
Work is broken into typed sub-tasks against a playbook.
~/harness/stage/decompose.ts
// One document → many small, typed jobs.
decompose(doc: Document, playbook: Playbook): Task[]

type Task =
  | { kind: "apply_rule";      rule_id: string;  target: Span }
  | { kind: "screen_privilege"; doc_id: string }
  | { kind: "summarize_clause"; clause: Span }
  | { kind: "cite";             claim: string;   scope: Span[] }

// Tasks are pure: ordered, retryable, addressable.
EXECUTE
Tool-use loops drive each sub-task.
~/harness/stage/execute.ts
// Each task runs an agent loop against a typed tool set.
execute(task: Task, tools: Tool[]): Output

const tools = [
  find_clause,        // (doc, pattern) → Span[]
  propose_redline,    // (span, position) → Edit
  lookup_precedent,   // (clause, jurisdiction) → Precedent[]
  compare_position,   // (clause, playbook) → Delta
]

// No tool call. No output. The model cannot free-write.
VERIFY
Every output is checked against the source by an independent verifier.
~/harness/stage/verify.ts
// A separate agent that did not write the output.
verify(output: Output, source: Document): VerifyResult

interface VerifyResult {
  ok:             boolean
  citation_spans: Span[]          // bytes in source that support the claim
  confidence:    "high" | "medium" | "low"
  failures:      Failure[]        // unsupported claims surface here
}

// Failures route back to EXECUTE. Nothing ships unverified.
EMIT
Changes are written back into your original file — never a re-rendered copy.
~/harness/stage/emit.ts
// A custom compiler writes changes back into the ORIGINAL file.
// We never re-flow or re-render it: styles, fonts, macros,
// numbering, comments, metadata, and redactions stay intact.
emit(work: Work, source: Document): DOCX | DiffSet | ReviewLog | ControlMatrix

// Only the spans we touched change. Everything else is the exact
// file you sent — diff it against the original and the bytes match.
//
// LEGAL          → tracked-changes DOCX, author = "Danielle"
// LEGAL (review) → DiffSet, addressable by clause id
// DISCOVERY      → ReviewLog with priv tags + summary
// CYBERSECURITY  → ControlMatrix mapped to SOC 2 / ISO 27001
// HEALTHCARE     → ChartAbstract (timeline + cited spans, FHIR-aware)
AUDIT
Every decision is journaled with citation to source.
~/harness/stage/audit.ts
// One row per decision. Cryptographically signed. Re-runnable.
audit.append(record: AuditRow): void

// 2026-05-28T10:47:22Z  task=apply_rule       rule=LIMIT_LIAB.v3.2
//   model=opus-4.7      verifier=ok           cite=§10.1:184-187
//   playbook=std.v3.2   sig=0x9c2f…a18b
// 2026-05-28T10:47:23Z  task=screen_privilege doc=msa_v14.docx
//   model=opus-4.7      verifier=ok           cite=p.3:atty-client
//   playbook=std.v3.2   sig=0x4d11…7e22
byte-for-byte file fidelitytyped contractsindependent verifiersigned audit logre-runnable against playbook version
products on the harness

Built on the harness.

Four vertical products. Each pre-configured with a domain playbook and tool set.

MARGIN
Email-native contract redline.

CC Margin on a draft. Get a tracked-changes version back in under ten minutes — every change tagged to a rule in your playbook. Word and PDF, native.

BASIN
Read the run statement against the lease.

Oil & gas leases, division orders, run statements, JOAs, and title — read against the rule. Royalty reconciliation, lease disputes, and pre-acquisition diligence, every finding cited to the document.

leases & titleroyalty auditJOA & AFE
LEDGER
Finance documents, read against their terms.

PE side letters (MFN & transfer-restriction tracking), credit agreements and covenants, and consumer-debt validation (chain-of-title, SOL by state, Reg F §1006.34). Every finding cited to the document.

CHART
The chart, read against the rule.

Medical-legal chart review. Claims and utilization review against medical necessity criteria. Prior auth. Chart abstraction for clinical trials.

trust

Trust is engineered.

Danielle does not learn from your documents. Outputs are signed against a playbook version — re-run the same job and you get auditable, comparable results. Every decision has a citation.

Zero retention

Documents and outputs are not used to train models. Ever.

Citation-grounded

Every assertion ties back to a specific source span.

Versioned playbook

Each output is signed against playbook version. Re-runnable.

SOC 2 in progress

Type II audit underway. SOC 2 reports available to design partners under NDA.

Thirty days. One real workflow. Your documents.

Engagements are scoped tightly: run one of our four products — Margin, Basin, Ledger, Chart — or the Harness directly, on one real workflow for 30 days.

team@danielle.legal