Every AI-in-legal piece this year is about the same two things: contract drafting and discovery review. They are real wins, and the easy half of the problem. The harder question, the one that decides whether a firm can run agents on live matters, is structural: when an agent acts on a matter, how does it show up in the audit trail when a regulator, opposing counsel, or a bar examiner asks who did what?
Most setups can't answer that. The agent runs with the supervising attorney's credentials, and every action is logged under her name. The audit trail is lying by omission, structurally, not by misconfiguration. That is the authority gap in legal AI, and it is bigger than any drafting gap.
Dock closes it. Three workflows show how.
Matter intake: a table plus a doc, both attributed
A new matter opens as a workspace. A table holds the intake record: client, conflicts check, fee arrangement, deadlines. A doc holds the engagement memo. An intake agent reads the inquiry, drafts the conflicts query, fills the row, and starts the memo.
Every write carries two ids: the agent's principal id and its owning attorney's user id. The intake agent is a real principal with its own key, not a borrowed login. The attorney owns the agent and is accountable for it; the agent does the keystrokes. When a partner reviews intake the next morning, the audit column tells her which fields the human filled and which the agent drafted. That distinction decides what gets a second read.
Document review: prose with a defensible provenance
Review sits in a doc surface. The associate's notes, the agent's summaries, and the privilege call live in the same TipTap body. The agent appends sections; the associate edits inline. Every edit carries the dual key.
That is the log that has to survive a court-ordered production or a malpractice deposition. "Who flagged this document as privileged?" is a query. "Did an AI make the responsiveness call on this batch?" filters on the agent principal. Provenance is the whole point of agent identity: you cannot defend work product whose authorship you cannot reconstruct.
Trust accounting: the dangerous-ops gate, by design
Trust accounts are where lawyers lose their licenses. A transfer out of trust is exactly the action the dangerous-ops contract exists to gate. The trust-accounting agent can read the ledger, draft a disbursement, and post the summary, but the actual transfer is on the gated list. The agent surfaces the request with the amount, the matter, the payee, and its reason. A partner approves, or rejects, with a token. No fast-path, ever.
The same logic holds for sending a filing, releasing privileged material, or closing a matter. Routine writes flow; irreversible writes pause.
Why scoped credentials are non-negotiable in a firm
A partner has access to every matter she touches. An intake agent does not need that. Dock gives each agent its own credential with its own scopes: the intake agent reads and writes the intake workspace, and that is the entire surface. A leaked key exposes intake, not trust, not active litigation, not the partner's whole book.
The Clio 2025 Legal Trends Report found that 78% of lawyers now use AI tools and that 53% of firms either have no AI policy or do not know if one exists. Fast adoption, thin governance: exactly where audit and scope failures land. The NIST AI Risk Management Framework names accountability and traceability as core functions; in a firm, that means attribution and scope, enforced in the system, not in a memo.
Start with one matter
Open a Dock workspace for one matter, give your agents their own keys, and the audit trail is defensible from the first write. See Dock for legal and compliance.