n8n-flow

Outside-counsel invoice anomaly detection with n8n

Difficulty

intermediate

Setup time

90min

For

legal-ops

Legal Ops

Stack

An n8n flow that pulls outside-counsel invoices from your e-billing system, parses LEDES 1998B line items, applies your billing guidelines as deterministic rules, asks Claude for a second pass on anomalies that resist rules (duplicative timekeepers, scope creep, off-engagement-letter work), then routes each invoice into one of four buckets — auto-approve, auto-deduct with notice, Slack reviewer queue, or director escalation — with every decision written to an idempotent audit log. Recovers the 5-15% of outside-counsel spend that line-by-line manual review misses, at the cost of about $0.04 of Claude inference per invoice.

The complete workflow ships in apps/web/public/artifacts/legal-spend-anomaly-n8n/legal-spend-anomaly-n8n.json (15 nodes, single trigger). Setup notes and credential instructions live in the sibling _README.md.

When to use

You have a steady volume of outside-counsel invoices — at least 50 a month across more than three firms — flowing through an e-billing system that exposes LEDES via API (Brightflag, Onit, BusyLamp, SimpleLegal, or a self-hosted equivalent). You have written billing guidelines and a rate card per firm, and someone on the team is already doing line-item review well enough that you can validate the flow’s flags against their catches. The win is shifting that reviewer from “scan every line” to “decide on the flagged items,” which typically lands at three to five times the throughput per reviewer hour.

When NOT to use

Skip this if your invoice volume is under twenty a month — the calibration overhead exceeds the recoverable spend. Skip it if you do not have a rate card and approved-timekeeper list per matter; the flow leans on those tables for the rule-based checks, and without them the AI pass is doing all the work and will hallucinate violations. Skip it if your firms send PDF invoices only; this flow assumes LEDES, and the PDF-extraction variant is a different workflow with much weaker recall. Skip it if your legal-ops function is one person who reviews everything personally and trusts their own pattern recognition more than they would trust a tuned model — in that case the flow adds latency without adding judgement.

Setup

The flow assumes four supporting Postgres tables (matters, matter_approved_timekeepers, firm_billing_guidelines, invoice_audit_log) — the README spells out the columns and the indexes that make the upserts and the watermark cheap. Stand those up first, populate them from your existing matter-management system or rate-card spreadsheets, then import legal-spend-anomaly-n8n.json into n8n. Wire the four placeholder credentials (Brightflag/your e-billing system, Postgres, Anthropic, Slack) per the README. Run the six-step verification sequence in the README before flipping the cron trigger to active; do not skip the idempotency check, since a duplicate audit-log row will throw off the next watermark.

Calibration is the part most teams underweight. Pull a hundred historical invoices your team has already reviewed manually, run them through the flow with the cron disabled, and compare the flow’s decision against your team’s actual disposition. Expect to retune the AI system prompt in Claude — Anomaly Detection and the thresholds in Score + Route at least twice before the routing distribution looks like your team’s. The thresholds in the bundle are starting points (AI severity ≥ 0.8 escalates, rule value share ≥ 15% escalates, AI flag count > 0 routes to the reviewer queue) — they will move once you see your distribution.

What the flow does

Daily Cron — 7am Mon-Fri fires the run. Lookup Watermark reads the most recent checked_at from invoice_audit_log and falls back to seven days if the table is empty, so re-runs after an outage do not double-process. Brightflag — List New Invoices queries the e-billing system for invoices submitted since the watermark; Split Invoices fans out one execution per invoice. Fetch LEDES File downloads the LEDES 1998B blob and Parse LEDES (a Code node) splits it into structured line items — timekeeper id, classification, rate, units, task code, activity code, narrative, line total. Load Matter + Rate Card pulls the matter, the approved-timekeeper list with rate caps, and the firm’s billing guidelines in a single round-trip.

Rule-Based Checks is a deterministic pass: it flags unapproved timekeepers, rates above the card, block-billing (units above the firm’s threshold with a short narrative), vague descriptions matching the firm’s keyword list, and partner-classified travel time when the firm’s no-travel-class rule applies. Each flag carries a severity (0-1) and an estimated dollar impact, summed into rule_value_cents. Claude — Anomaly Detection then makes a single Anthropic API call against claude-sonnet-4-6 with the line items, the matter scope, and the firm guidelines as context, returning a JSON array of findings the rules cannot easily express — duplicative timekeepers on the same task on the same day, time disproportionate to scope, scope-creep narrative, off-engagement-letter work. The system prompt explicitly forbids inventing line indexes or claiming violations not tied to a specific line, which is the most common failure mode of LLM-based invoice review.

Score + Route combines the two passes into a single decision. The four buckets — auto_approve, auto_deduct, reviewer_queue, escalate_director — are routed via two if nodes. Escalations land in #legal-ops-escalations with a Slack Block Kit payload showing the top five rule and AI findings; reviewer-queue and auto-deduct decisions land in #legal-ops-invoice-review; auto-approve writes the audit log only. Every branch terminates at Audit Log Insert, which upserts on invoice_id so re-runs are safe.

Cost reality

Per invoice: one Claude Sonnet 4.6 call at roughly 4-6k input tokens (line items + matter + guidelines) and 500-1000 output tokens, so about $0.04 each at current pricing. At 500 invoices a month that is around $20 of inference. The Postgres queries are cheap (single-row reads on indexed columns plus one upsert). The e-billing API and LEDES fetch are free side of your existing vendor contract. n8n self-hosted is the linear-fixed cost; n8n Cloud Starter at $24/month covers this volume with room to spare.

The labour math is what makes this pay back. A reviewer doing line-by-line takes 10-15 minutes per invoice; the flow drops that to 2-4 minutes on the queued items (read the Slack summary, click into the audit log, decide), and zero on the auto-approve and auto-deduct paths. At 500 invoices a month with a 60/30/10 split across auto-approve, reviewer queue, and escalation, the flow saves roughly 50 hours of reviewer time a month against an inference cost of $20 plus an hour or two of operator time tuning thresholds. The recovered spend itself is the bigger line: 5-15% of monthly outside-counsel spend is the band reported in vendor case studies (Brightflag, Onit) and our own back-tests, and that swamps the operating cost by two orders of magnitude on any portfolio above $200k/month.

Be honest about the time-to-payback. The first month is calibration, not recovery. Months two and three are when the routing distribution stabilises and the recovered spend starts showing up in your AP variance.

Success metric

Track recovered spend per month — the dollar value of auto_deduct plus the dollar value of reviewer-confirmed deductions out of the queue, divided by total outside-counsel spend that month. The number to beat is whatever your manual baseline was. If the flow is not pulling at least 3% in month three you have a calibration problem, not a flow problem; pull the audit log, sample 30 invoices, and compare against your team’s manual notes.

Secondary metric: reviewer time per flagged invoice. If it is climbing instead of falling, the Slack messages are not giving the reviewer enough context to decide quickly — adjust the Block Kit payload in Slack — Reviewer Queue to include the specific line numbers and dollar deltas, not just the flag categories.

vs alternatives

Versus the e-billing vendor’s built-in compliance engine (Brightflag’s “AI review”, Onit’s rules engine): the vendor’s rules are competent but their AI pass is opaque, you cannot tune the prompt, and you cannot add custom checks without paying for a professional-services engagement. This flow gives you the prompt, the thresholds, and the audit log — all editable. Versus a DIY Python script: same logic, much higher operational burden (you own the cron, the retries, the credential rotation, the observability) and no visual debugger when a LEDES file from a new firm parses oddly. Versus the status quo of a paralegal reading every invoice: the paralegal is more accurate on novel patterns for the first month, after which the flow’s recall on the codified rules is higher and the paralegal’s time is freed for the genuinely judgement-call items.

The case for the n8n version specifically over a Lambda or a Make.com build is the visual graph plus the per-node retry semantics — when the Anthropic API rate-limits you on a busy morning, n8n’s automatic retry with backoff on the httpRequest node handles it without code, and you can see the retry happen.

Watch-outs

Auto-deductions communicated badly damage firm relationships. Guard: the Slack — Reviewer Queue payload always includes the reasoning chain from both the rule pass and the AI pass, and the audit log retains the full rule_flags_json and ai_flags_json. Before any auto-deduction is communicated to the firm, generate the firm-facing note from the audit log row, not from a templated “we deducted X” message — firms accept reductions when they see the specific line, the specific guideline, and the specific dollar impact.

Threshold tuning is matter-type-sensitive. Litigation invoices have different patterns (large discovery batches look like block billing but are not) than transactional ones (any block billing is suspicious). Guard: the Load Matter + Rate Card query returns matter_type, and the Rule-Based Checks Code node is the place to branch on it. Ship the v1 flow with global thresholds, then specialise within four weeks.

Novel firms produce false positives until you have a baseline. Guard: add a WHERE invoices_seen_count < 5 check upstream and force decision = reviewer_queue for any firm under that threshold, regardless of what the rules and AI say. The bundle does not include this check by default; add it before going live if you onboard new firms more than once a quarter.

LEDES parsing breaks silently when a firm sends a malformed file. Guard: the Parse LEDES Code node returns parse_error: 'empty_or_malformed_ledes' rather than throwing, and the downstream nodes will write a row to the audit log with decision: auto_approve (the default) — which is wrong. Add an if node after Parse LEDES that routes parse errors to #legal-ops-escalations with the firm name and invoice id so a human can chase the firm for a clean file.

Claude can hallucinate violations on a busy invoice. Guard: the system prompt forbids inventing line indexes; the Score + Route node treats AI findings as advisory unless severity ≥ 0.8 (escalation) or AI count > 0 alongside rule findings (reviewer queue). Never let an AI-only flag drive an auto_deduct.

Stack

n8n (cloud or self-hosted) is the orchestrator. Claude Sonnet 4.6 via the Anthropic Messages API does the anomaly pass. Postgres holds the matter database, rate cards, billing guidelines, and audit log. Slack receives the reviewer queue and director escalations. Your e-billing system (Brightflag in the bundle defaults; swap the host and path for Onit, BusyLamp, SimpleLegal, or a self-hosted endpoint) is the source of truth for new invoices and the eventual write-back target if you extend the flow to push deductions back rather than emailing them.

This flow is the operational layer of legal spend management; the policy layer is your written outside-counsel guidelines, which the rule-based checks encode. The two only work together — the guidelines without the flow are aspirational; the flow without the guidelines is a model trying to invent your policy.

Edit this page on GitHub

Files in this artifact

Download all (.zip)

# Outside-counsel invoice anomaly detection (n8n)

## What this flow does

Polls your e-billing system every weekday morning for newly submitted outside-counsel invoices, fetches the LEDES 1998B file for each one, parses every line item, runs deterministic billing-guideline checks against your matter database (approved timekeepers, rate cards, block-billing rules, vague-description keywords, no-travel-class rules), then asks Claude for a second pass over anomalies that are hard to express as rules (duplicative timekeepers on the same task, disproportionate task time relative to scope, scope-creep narrative, off-engagement-letter work). Each invoice is scored, routed to one of four buckets — auto-approve, auto-deduct with notice, reviewer queue in Slack, or director escalation — and written to an idempotent audit log.

The flow is single-trigger (the daily cron); the watermark on `invoice_audit_log.checked_at` makes re-runs safe. Every decision is reproducible from the audit log row.

## Import

1. In your n8n instance, open **Workflows → Import from File** and select `legal-spend-anomaly-n8n.json`.
2. The workflow imports as inactive. Do not activate it yet — you need to wire credentials and create the supporting Postgres tables first.
3. Open workflow **Settings** and confirm `executionOrder: v1` and `timezone: America/New_York` (or change the timezone to match your billing day boundary). The `Daily Cron — 7am Mon-Fri` node inherits this timezone.

## Credentials

The workflow ships with four placeholder credential references. Each must be replaced with a real credential in n8n before the flow runs. In each node, open the credential picker and either select an existing credential of the right type or create a new one.

### `PLACEHOLDER_BRIGHTFLAG_CRED_ID` — Brightflag (or your e-billing system) API token

Used by the `Brightflag — List New Invoices` and `Fetch LEDES File` nodes. Type: **Header Auth**. Header name: `Authorization`. Header value: `Bearer <your-token>`. If you are on Onit, BusyLamp, SimpleLegal, or a self-hosted e-billing system, swap the host and path in the `Brightflag — List New Invoices` node URL and adjust the header to whatever your vendor expects. The downstream `Parse LEDES` and `Rule-Based Checks` nodes assume the list endpoint returns `{ invoices: [{ id, firm_id, matter_id, ledes_url, total_amount, currency }] }`; if your vendor's shape differs, add a `Code` node after the list call to normalise.

### `PLACEHOLDER_POSTGRES_CRED_ID` — Postgres for matter database + audit log

Used by `Lookup Watermark`, `Load Matter + Rate Card`, and `Audit Log Insert`. Type: **Postgres**. The flow expects four tables: `matters` (matter_id, matter_type, budget_remaining_cents, scope_summary), `matter_approved_timekeepers` (matter_id, timekeeper_id, max_rate_cents, classification), `firm_billing_guidelines` (law_firm_id, block_billing_min_units, vague_keywords text[], after_hours_window, no_travel_class text[]), and `invoice_audit_log` (id serial pk, invoice_id unique, plus the columns the `Audit Log Insert` node writes). Add a unique index on `invoice_audit_log.invoice_id` so the `ON CONFLICT` clause works, and indexes on `matter_approved_timekeepers.matter_id` and `firm_billing_guidelines.law_firm_id`.

### `PLACEHOLDER_ANTHROPIC_CRED_ID` — Anthropic API key

Used by `Claude — Anomaly Detection`. Type: **Header Auth**. Header name: `x-api-key`. Header value: your Anthropic API key. The node targets `claude-sonnet-4-6`; switch to a smaller model only after you have calibrated against historical invoices, since the recall on subtle scope-creep narratives degrades quickly with cheaper models.

### `PLACEHOLDER_SLACK_CRED_ID` — Slack bot token

Used by `Slack — Escalate to Director` and `Slack — Reviewer Queue`. Type: **Header Auth**. Header name: `Authorization`. Header value: `Bearer xoxb-...`. The bot needs `chat:write` and must be invited into both `#legal-ops-escalations` and `#legal-ops-invoice-review` (or whatever channels you rename them to in the two Slack node bodies).

## First-run verification

Before you flip the schedule trigger to active, walk every branch on a small set of inputs.

1. **Empty list path.** Temporarily edit the `Brightflag — List New Invoices` URL to query a status that returns no invoices. Run the workflow manually. Expected: `Split Invoices` produces zero items, the rest of the flow short-circuits, and no rows appear in `invoice_audit_log`.
2. **Clean invoice path.** Pick a known-clean historical invoice (no rate breaches, all timekeepers on the approved list, no vague descriptions). Run the workflow manually with that invoice's `ledes_url` injected. Expected: `Score + Route` returns `decision: auto_approve`; one row in `invoice_audit_log` with `rule_flag_count = 0` and `ai_flag_count = 0`.
3. **Rule-only flag path.** Pick an invoice where you know one timekeeper billed slightly above the rate card. Expected: `decision: auto_deduct` with `reason: low_value_rule_flags_only`, the `Reviewer or Deduct?` node routes to the audit log directly, no Slack message goes out (or change the `Slack — Reviewer Queue` body to also handle `auto_deduct` if you prefer notice).
4. **AI-flag path.** Run a historical invoice your team manually flagged for scope creep. Expected: `decision: reviewer_queue` and a Slack message in `#legal-ops-invoice-review` with both rule and AI findings. Cross-check the AI findings against your team's manual notes; if Claude is missing the same items your team caught, tighten the system prompt before going further.
5. **Escalation path.** Run the most egregious historical invoice you have (large overrun, off-scope work). Expected: `decision: escalate_director` and a Slack message in `#legal-ops-escalations`. Confirm the `:rotating_light:` block format renders correctly.
6. **Idempotency.** Re-run any of the above with the same invoice. Expected: the existing `invoice_audit_log` row is updated in place (the `ON CONFLICT (invoice_id) DO UPDATE` clause), not duplicated. The watermark advances correctly on the next scheduled run.

Once all six branches behave as expected, activate the workflow. The `Daily Cron — 7am Mon-Fri` node will then drive everything from there. Watch the audit log for the first two weeks; expect to retune the AI system prompt and the `Score + Route` thresholds at least twice before the routing distribution stabilises.

{
  "name": "Outside-counsel invoice anomaly detection",
  "nodes": [
    {
      "parameters": {
        "rule": {
          "interval": [
            {
              "field": "cronExpression",
              "expression": "0 7 * * 1-5"
            }
          ]
        }
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000001",
      "name": "Daily Cron — 7am Mon-Fri",
      "type": "n8n-nodes-base.scheduleTrigger",
      "typeVersion": 1,
      "position": [220, 320],
      "notesInFlow": true,
      "notes": "Set the timezone explicitly in workflow Settings — default is UTC. Pulls anything new from the e-billing system since the last successful run."
    },
    {
      "parameters": {
        "operation": "executeQuery",
        "query": "SELECT coalesce(max(checked_at), now() - interval '7 days') AS since_at\nFROM invoice_audit_log;",
        "options": {}
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000002",
      "name": "Lookup Watermark",
      "type": "n8n-nodes-base.postgres",
      "typeVersion": 2.4,
      "position": [440, 320],
      "credentials": {
        "postgres": {
          "id": "PLACEHOLDER_POSTGRES_CRED_ID",
          "name": "Postgres — legal-ops state"
        }
      },
      "notesInFlow": true,
      "notes": "Read-after-write watermark. Falls back to 7d if the audit log is empty."
    },
    {
      "parameters": {
        "method": "GET",
        "url": "=https://api.brightflag.com/v1/invoices?status=submitted&updated_since={{ encodeURIComponent($json.since_at) }}",
        "authentication": "predefinedCredentialType",
        "nodeCredentialType": "httpHeaderAuth",
        "sendHeaders": true,
        "headerParameters": {
          "parameters": [
            { "name": "accept", "value": "application/json" }
          ]
        },
        "options": {
          "response": {
            "response": {
              "fullResponse": false
            }
          },
          "timeout": 60000
        }
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000003",
      "name": "Brightflag — List New Invoices",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 4.2,
      "position": [660, 320],
      "credentials": {
        "httpHeaderAuth": {
          "id": "PLACEHOLDER_BRIGHTFLAG_CRED_ID",
          "name": "Brightflag — API token"
        }
      },
      "notesInFlow": true,
      "notes": "Swap the host/path for Onit, BusyLamp, SimpleLegal, or your own e-billing endpoint. Response shape downstream assumes { invoices: [{ id, firm_id, matter_id, ledes_url, total_amount, currency }] }."
    },
    {
      "parameters": {
        "fieldToSplitOut": "invoices",
        "options": {}
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000004",
      "name": "Split Invoices",
      "type": "n8n-nodes-base.splitOut",
      "typeVersion": 1,
      "position": [880, 320]
    },
    {
      "parameters": {
        "method": "GET",
        "url": "={{ $json.ledes_url }}",
        "authentication": "predefinedCredentialType",
        "nodeCredentialType": "httpHeaderAuth",
        "sendHeaders": true,
        "headerParameters": {
          "parameters": [
            { "name": "accept", "value": "text/plain" }
          ]
        },
        "options": {
          "response": {
            "response": {
              "responseFormat": "text"
            }
          },
          "timeout": 60000
        }
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000005",
      "name": "Fetch LEDES File",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 4.2,
      "position": [1100, 320],
      "credentials": {
        "httpHeaderAuth": {
          "id": "PLACEHOLDER_BRIGHTFLAG_CRED_ID",
          "name": "Brightflag — API token"
        }
      }
    },
    {
      "parameters": {
        "jsCode": "// Parse LEDES 1998B (pipe-delimited). Returns one item per invoice with line_items array.\n// Spec: https://ledes.org/ledes-1998b/\nconst raw = $json.data || $input.item.json.data || $input.item.json.body || '';\nconst lines = raw.split(/\\r?\\n/).filter(Boolean);\nif (lines.length < 2) {\n  return [{ json: { invoice_id: $('Split Invoices').item.json.id, line_items: [], parse_error: 'empty_or_malformed_ledes' } }];\n}\nconst headers = lines[0].split('|').map(h => h.trim());\nconst idx = (name) => headers.indexOf(name);\nconst col = {\n  invoice_number: idx('INVOICE_NUMBER'),\n  matter_id: idx('CLIENT_MATTER_ID'),\n  law_firm_id: idx('LAW_FIRM_ID'),\n  timekeeper_id: idx('TIMEKEEPER_ID'),\n  timekeeper_name: idx('TIMEKEEPER_NAME'),\n  timekeeper_classification: idx('TIMEKEEPER_CLASSIFICATION'),\n  rate: idx('LINE_ITEM_UNIT_COST'),\n  units: idx('LINE_ITEM_NUMBER_OF_UNITS'),\n  task_code: idx('LINE_ITEM_TASK_CODE'),\n  activity_code: idx('LINE_ITEM_ACTIVITY_CODE'),\n  date: idx('LINE_ITEM_DATE'),\n  description: idx('LINE_ITEM_DESCRIPTION'),\n  total: idx('LINE_ITEM_TOTAL')\n};\nconst items = [];\nfor (let i = 1; i < lines.length; i++) {\n  const cells = lines[i].split('|');\n  if (cells.length < headers.length) continue;\n  items.push({\n    invoice_number: cells[col.invoice_number],\n    matter_id: cells[col.matter_id],\n    law_firm_id: cells[col.law_firm_id],\n    timekeeper_id: cells[col.timekeeper_id],\n    timekeeper_name: cells[col.timekeeper_name],\n    timekeeper_classification: cells[col.timekeeper_classification],\n    rate: parseFloat(cells[col.rate]) || 0,\n    units: parseFloat(cells[col.units]) || 0,\n    task_code: cells[col.task_code],\n    activity_code: cells[col.activity_code],\n    date: cells[col.date],\n    description: (cells[col.description] || '').trim(),\n    total: parseFloat(cells[col.total]) || 0\n  });\n}\nreturn [{\n  json: {\n    invoice_id: $('Split Invoices').item.json.id,\n    matter_id: items[0]?.matter_id,\n    law_firm_id: items[0]?.law_firm_id,\n    invoice_number: items[0]?.invoice_number,\n    line_items: items,\n    line_count: items.length,\n    invoice_total: items.reduce((s, x) => s + (x.total || 0), 0)\n  }\n}];"
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000006",
      "name": "Parse LEDES",
      "type": "n8n-nodes-base.code",
      "typeVersion": 2,
      "position": [1320, 320]
    },
    {
      "parameters": {
        "operation": "executeQuery",
        "query": "WITH matter AS (\n  SELECT matter_id, matter_type, budget_remaining_cents, scope_summary\n  FROM matters\n  WHERE matter_id = $1\n),\napproved AS (\n  SELECT timekeeper_id, max_rate_cents, classification\n  FROM matter_approved_timekeepers\n  WHERE matter_id = $1\n),\nguidelines AS (\n  SELECT block_billing_min_units, vague_keywords, after_hours_window, no_travel_class\n  FROM firm_billing_guidelines\n  WHERE law_firm_id = $2\n)\nSELECT\n  (SELECT row_to_json(matter) FROM matter)            AS matter,\n  (SELECT json_agg(approved) FROM approved)           AS approved_timekeepers,\n  (SELECT row_to_json(guidelines) FROM guidelines)    AS guidelines;",
        "options": {
          "queryReplacement": "={{ $json.matter_id }},{{ $json.law_firm_id }}"
        }
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000007",
      "name": "Load Matter + Rate Card",
      "type": "n8n-nodes-base.postgres",
      "typeVersion": 2.4,
      "position": [1540, 320],
      "credentials": {
        "postgres": {
          "id": "PLACEHOLDER_POSTGRES_CRED_ID",
          "name": "Postgres — legal-ops state"
        }
      },
      "notesInFlow": true,
      "notes": "Single round-trip pulls matter, approved timekeepers, and firm guidelines. Add an index on matter_id and law_firm_id."
    },
    {
      "parameters": {
        "jsCode": "// Apply deterministic billing-guideline checks. Output: per-line flags + invoice rollup.\nconst inv = $('Parse LEDES').item.json;\nconst ctx = $json;\nconst approved = new Map((ctx.approved_timekeepers || []).map(t => [t.timekeeper_id, t]));\nconst gl = ctx.guidelines || {};\nconst vagueKeywords = (gl.vague_keywords || ['attention to', 'work on', 'review of', 'various', 'general']);\nconst minBlockUnits = gl.block_billing_min_units ?? 4.0;\nconst noTravelClass = new Set(gl.no_travel_class || ['Partner']);\nconst flags = [];\nfor (const li of inv.line_items) {\n  const tkApproved = approved.get(li.timekeeper_id);\n  if (!tkApproved) {\n    flags.push({ kind: 'unapproved_timekeeper', timekeeper_id: li.timekeeper_id, line: li, severity: 0.6 });\n  } else {\n    const cap = (tkApproved.max_rate_cents || 0) / 100;\n    if (cap > 0 && li.rate > cap) {\n      flags.push({ kind: 'rate_over_card', actual_rate: li.rate, card_rate: cap, line: li, severity: 0.5 });\n    }\n  }\n  if (li.units >= minBlockUnits && /[;,\\.]/.test(li.description) === false && li.description.split(' ').length < 8) {\n    flags.push({ kind: 'block_billing', units: li.units, line: li, severity: 0.4 });\n  }\n  const desc = (li.description || '').toLowerCase();\n  if (vagueKeywords.some(k => desc.startsWith(k.toLowerCase()) || desc === k.toLowerCase())) {\n    flags.push({ kind: 'vague_description', line: li, severity: 0.3 });\n  }\n  if (li.timekeeper_classification && noTravelClass.has(li.timekeeper_classification) && /travel|commute|airport/i.test(li.description)) {\n    flags.push({ kind: 'partner_travel_billed', line: li, severity: 0.5 });\n  }\n}\nconst rule_value_cents = Math.round(\n  flags.reduce((s, f) => {\n    if (f.kind === 'rate_over_card') return s + (f.actual_rate - f.card_rate) * f.line.units * 100;\n    if (f.kind === 'block_billing') return s + (f.line.total * 0.10) * 100;\n    if (f.kind === 'partner_travel_billed') return s + (f.line.total * 0.50) * 100;\n    if (f.kind === 'vague_description') return s + (f.line.total * 0.05) * 100;\n    return s;\n  }, 0)\n);\nreturn [{\n  json: {\n    invoice_id: inv.invoice_id,\n    invoice_number: inv.invoice_number,\n    matter_id: inv.matter_id,\n    law_firm_id: inv.law_firm_id,\n    matter: ctx.matter,\n    invoice_total: inv.invoice_total,\n    rule_flags: flags,\n    rule_flag_count: flags.length,\n    rule_value_cents,\n    line_items: inv.line_items\n  }\n}];"
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000008",
      "name": "Rule-Based Checks",
      "type": "n8n-nodes-base.code",
      "typeVersion": 2,
      "position": [1760, 320]
    },
    {
      "parameters": {
        "method": "POST",
        "url": "https://api.anthropic.com/v1/messages",
        "sendHeaders": true,
        "headerParameters": {
          "parameters": [
            { "name": "anthropic-version", "value": "2023-06-01" },
            { "name": "content-type", "value": "application/json" }
          ]
        },
        "authentication": "predefinedCredentialType",
        "nodeCredentialType": "httpHeaderAuth",
        "sendBody": true,
        "specifyBody": "json",
        "jsonBody": "={\n  \"model\": \"claude-sonnet-4-6\",\n  \"max_tokens\": 1500,\n  \"system\": \"You audit outside-counsel legal invoices. You are given an invoice's line items, the matter's scope summary, and the firm's billing guidelines. Surface only items that exceed deterministic rule-based checks: duplicative timekeepers on the same task, disproportionate task time relative to scope, scope-creep narratives, off-engagement-letter work, and suspicious task/activity code combinations. For each finding return {line_index, kind, severity (0-1), reasoning (one sentence), suggested_action ('reduce'|'reject'|'query_firm')}. Return JSON only. If nothing exceeds heuristics, return an empty array. Never invent line indexes; never claim a violation you cannot tie to a specific line.\",\n  \"messages\": [\n    {\n      \"role\": \"user\",\n      \"content\": \"Matter: {{ JSON.stringify($json.matter) }}\\n\\nLine items (index, timekeeper, classification, rate, units, total, description, task_code, activity_code, date):\\n{{ $json.line_items.map((li, i) => `${i}\\t${li.timekeeper_name}\\t${li.timekeeper_classification}\\t${li.rate}\\t${li.units}\\t${li.total}\\t${li.description}\\t${li.task_code}\\t${li.activity_code}\\t${li.date}`).join('\\n') }}\"\n    }\n  ]\n}",
        "options": {
          "timeout": 60000
        }
      },
      "id": "2d2d2d2d-0001-0000-0000-000000000009",
      "name": "Claude — Anomaly Detection",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 4.2,
      "position": [1980, 320],
      "credentials": {
        "httpHeaderAuth": {
          "id": "PLACEHOLDER_ANTHROPIC_CRED_ID",
          "name": "Anthropic — x-api-key"
        }
      },
      "notesInFlow": true,
      "notes": "Calibration-sensitive. Run on 100 historical invoices and adjust the system prompt thresholds before going live."
    },
    {
      "parameters": {
        "jsCode": "// Combine rule-based hits and Claude's flags into a single per-invoice score and routing decision.\nconst rb = $('Rule-Based Checks').item.json;\nlet aiFlags = [];\ntry {\n  const text = $json.content?.[0]?.text || '[]';\n  aiFlags = JSON.parse(text);\n  if (!Array.isArray(aiFlags)) aiFlags = [];\n} catch (e) {\n  aiFlags = [];\n}\nconst aiSeverityMax = aiFlags.reduce((m, f) => Math.max(m, Number(f.severity) || 0), 0);\nconst ruleSeverityMax = rb.rule_flags.reduce((m, f) => Math.max(m, Number(f.severity) || 0), 0);\nconst ruleValueShare = (rb.invoice_total > 0) ? (rb.rule_value_cents / 100) / rb.invoice_total : 0;\nlet decision = 'auto_approve';\nlet reason = 'no flags';\nif (aiSeverityMax >= 0.8 || ruleValueShare >= 0.15) {\n  decision = 'escalate_director';\n  reason = aiSeverityMax >= 0.8 ? 'severe_ai_anomaly' : 'large_rule_value_share';\n} else if (aiFlags.length > 0 || ruleSeverityMax >= 0.5) {\n  decision = 'reviewer_queue';\n  reason = aiFlags.length > 0 ? 'ai_flags_present' : 'rule_severity_above_threshold';\n} else if (rb.rule_flag_count > 0) {\n  decision = 'auto_deduct';\n  reason = 'low_value_rule_flags_only';\n}\nreturn [{\n  json: {\n    ...rb,\n    ai_flags: aiFlags,\n    ai_flag_count: aiFlags.length,\n    decision,\n    reason,\n    score: { aiSeverityMax, ruleSeverityMax, ruleValueShare }\n  }\n}];"
      },
      "id": "2d2d2d2d-0001-0000-0000-00000000000a",
      "name": "Score + Route",
      "type": "n8n-nodes-base.code",
      "typeVersion": 2,
      "position": [2200, 320]
    },
    {
      "parameters": {
        "conditions": {
          "options": {
            "caseSensitive": true,
            "leftValue": "",
            "typeValidation": "strict"
          },
          "conditions": [
            {
              "id": "is-escalation",
              "leftValue": "={{ $json.decision }}",
              "rightValue": "escalate_director",
              "operator": {
                "type": "string",
                "operation": "equals"
              }
            }
          ],
          "combinator": "and"
        },
        "options": {}
      },
      "id": "2d2d2d2d-0001-0000-0000-00000000000b",
      "name": "Escalation?",
      "type": "n8n-nodes-base.if",
      "typeVersion": 2.2,
      "position": [2420, 320]
    },
    {
      "parameters": {
        "method": "POST",
        "url": "https://slack.com/api/chat.postMessage",
        "authentication": "predefinedCredentialType",
        "nodeCredentialType": "httpHeaderAuth",
        "sendHeaders": true,
        "headerParameters": {
          "parameters": [
            { "name": "content-type", "value": "application/json" }
          ]
        },
        "sendBody": true,
        "specifyBody": "json",
        "jsonBody": "={\n  \"channel\": \"#legal-ops-escalations\",\n  \"text\": \":rotating_light: Escalation — Invoice {{ $json.invoice_number }} (matter {{ $json.matter_id }}, firm {{ $json.law_firm_id }}). Total ${{ $json.invoice_total }}. Reason: {{ $json.reason }}. AI severity {{ $json.score.aiSeverityMax }}, rule value share {{ ($json.score.ruleValueShare * 100).toFixed(1) }}%.\",\n  \"blocks\": [\n    { \"type\": \"section\", \"text\": { \"type\": \"mrkdwn\", \"text\": \":rotating_light: *Escalation* — Invoice `{{ $json.invoice_number }}`\\nMatter `{{ $json.matter_id }}` • Firm `{{ $json.law_firm_id }}` • Total `${{ $json.invoice_total }}`\\nReason: *{{ $json.reason }}*\" } },\n    { \"type\": \"section\", \"text\": { \"type\": \"mrkdwn\", \"text\": \"*AI findings ({{ $json.ai_flag_count }})*\\n{{ ($json.ai_flags || []).slice(0,5).map(f => `• line ${f.line_index} — ${f.kind} (sev ${f.severity}): ${f.reasoning}`).join('\\n') }}\" } },\n    { \"type\": \"section\", \"text\": { \"type\": \"mrkdwn\", \"text\": \"*Rule findings ({{ $json.rule_flag_count }})*\\n{{ ($json.rule_flags || []).slice(0,5).map(f => `• ${f.kind} — line: ${f.line.description?.slice(0,60)}`).join('\\n') }}\" } }\n  ]\n}",
        "options": {}
      },
      "id": "2d2d2d2d-0001-0000-0000-00000000000c",
      "name": "Slack — Escalate to Director",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 4.2,
      "position": [2640, 220],
      "credentials": {
        "httpHeaderAuth": {
          "id": "PLACEHOLDER_SLACK_CRED_ID",
          "name": "Slack — bot token"
        }
      }
    },
    {
      "parameters": {
        "conditions": {
          "options": {
            "caseSensitive": true,
            "leftValue": "",
            "typeValidation": "strict"
          },
          "conditions": [
            {
              "id": "is-reviewer-or-deduct",
              "leftValue": "={{ ['reviewer_queue', 'auto_deduct'].includes($json.decision) }}",
              "rightValue": true,
              "operator": {
                "type": "boolean",
                "operation": "equal"
              }
            }
          ],
          "combinator": "and"
        },
        "options": {}
      },
      "id": "2d2d2d2d-0001-0000-0000-00000000000d",
      "name": "Reviewer or Deduct?",
      "type": "n8n-nodes-base.if",
      "typeVersion": 2.2,
      "position": [2640, 420]
    },
    {
      "parameters": {
        "method": "POST",
        "url": "https://slack.com/api/chat.postMessage",
        "authentication": "predefinedCredentialType",
        "nodeCredentialType": "httpHeaderAuth",
        "sendHeaders": true,
        "headerParameters": {
          "parameters": [
            { "name": "content-type", "value": "application/json" }
          ]
        },
        "sendBody": true,
        "specifyBody": "json",
        "jsonBody": "={\n  \"channel\": \"#legal-ops-invoice-review\",\n  \"text\": \"Invoice {{ $json.invoice_number }} — decision: {{ $json.decision }} ({{ $json.reason }}). Total ${{ $json.invoice_total }}; estimated deduction ${{ ($json.rule_value_cents / 100).toFixed(2) }}.\",\n  \"blocks\": [\n    { \"type\": \"section\", \"text\": { \"type\": \"mrkdwn\", \"text\": \"*Invoice* `{{ $json.invoice_number }}` — firm `{{ $json.law_firm_id }}` • matter `{{ $json.matter_id }}`\\n*Decision*: `{{ $json.decision }}` — {{ $json.reason }}\\n*Total*: ${{ $json.invoice_total }} • *Est. deduction*: ${{ ($json.rule_value_cents / 100).toFixed(2) }}\" } },\n    { \"type\": \"section\", \"text\": { \"type\": \"mrkdwn\", \"text\": \"*Rule flags ({{ $json.rule_flag_count }})*: {{ ($json.rule_flags || []).map(f => f.kind).slice(0,8).join(', ') || 'none' }}\\n*AI flags ({{ $json.ai_flag_count }})*: {{ ($json.ai_flags || []).map(f => f.kind).slice(0,8).join(', ') || 'none' }}\" } }\n  ]\n}",
        "options": {}
      },
      "id": "2d2d2d2d-0001-0000-0000-00000000000e",
      "name": "Slack — Reviewer Queue",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 4.2,
      "position": [2860, 360],
      "credentials": {
        "httpHeaderAuth": {
          "id": "PLACEHOLDER_SLACK_CRED_ID",
          "name": "Slack — bot token"
        }
      }
    },
    {
      "parameters": {
        "operation": "executeQuery",
        "query": "INSERT INTO invoice_audit_log (\n  invoice_id, invoice_number, matter_id, law_firm_id,\n  decision, reason, rule_flag_count, rule_value_cents,\n  ai_flag_count, ai_severity_max, rule_severity_max, rule_value_share,\n  rule_flags_json, ai_flags_json, checked_at\n) VALUES (\n  $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13::jsonb, $14::jsonb, now()\n)\nON CONFLICT (invoice_id) DO UPDATE\nSET decision = excluded.decision,\n    reason = excluded.reason,\n    rule_flag_count = excluded.rule_flag_count,\n    rule_value_cents = excluded.rule_value_cents,\n    ai_flag_count = excluded.ai_flag_count,\n    ai_severity_max = excluded.ai_severity_max,\n    rule_severity_max = excluded.rule_severity_max,\n    rule_value_share = excluded.rule_value_share,\n    rule_flags_json = excluded.rule_flags_json,\n    ai_flags_json = excluded.ai_flags_json,\n    checked_at = excluded.checked_at\nRETURNING id;",
        "options": {
          "queryReplacement": "={{ $json.invoice_id }},{{ $json.invoice_number }},{{ $json.matter_id }},{{ $json.law_firm_id }},{{ $json.decision }},{{ $json.reason }},{{ $json.rule_flag_count }},{{ $json.rule_value_cents }},{{ $json.ai_flag_count }},{{ $json.score.aiSeverityMax }},{{ $json.score.ruleSeverityMax }},{{ $json.score.ruleValueShare }},{{ JSON.stringify($json.rule_flags || []) }},{{ JSON.stringify($json.ai_flags || []) }}"
        }
      },
      "id": "2d2d2d2d-0001-0000-0000-00000000000f",
      "name": "Audit Log Insert",
      "type": "n8n-nodes-base.postgres",
      "typeVersion": 2.4,
      "position": [3080, 320],
      "credentials": {
        "postgres": {
          "id": "PLACEHOLDER_POSTGRES_CRED_ID",
          "name": "Postgres — legal-ops state"
        }
      },
      "notesInFlow": true,
      "notes": "Idempotent on invoice_id. Watermark node reads max(checked_at). Add a unique index on invoice_id."
    }
  ],
  "connections": {
    "Daily Cron — 7am Mon-Fri": {
      "main": [
        [{ "node": "Lookup Watermark", "type": "main", "index": 0 }]
      ]
    },
    "Lookup Watermark": {
      "main": [
        [{ "node": "Brightflag — List New Invoices", "type": "main", "index": 0 }]
      ]
    },
    "Brightflag — List New Invoices": {
      "main": [
        [{ "node": "Split Invoices", "type": "main", "index": 0 }]
      ]
    },
    "Split Invoices": {
      "main": [
        [{ "node": "Fetch LEDES File", "type": "main", "index": 0 }]
      ]
    },
    "Fetch LEDES File": {
      "main": [
        [{ "node": "Parse LEDES", "type": "main", "index": 0 }]
      ]
    },
    "Parse LEDES": {
      "main": [
        [{ "node": "Load Matter + Rate Card", "type": "main", "index": 0 }]
      ]
    },
    "Load Matter + Rate Card": {
      "main": [
        [{ "node": "Rule-Based Checks", "type": "main", "index": 0 }]
      ]
    },
    "Rule-Based Checks": {
      "main": [
        [{ "node": "Claude — Anomaly Detection", "type": "main", "index": 0 }]
      ]
    },
    "Claude — Anomaly Detection": {
      "main": [
        [{ "node": "Score + Route", "type": "main", "index": 0 }]
      ]
    },
    "Score + Route": {
      "main": [
        [{ "node": "Escalation?", "type": "main", "index": 0 }]
      ]
    },
    "Escalation?": {
      "main": [
        [{ "node": "Slack — Escalate to Director", "type": "main", "index": 0 }],
        [{ "node": "Reviewer or Deduct?", "type": "main", "index": 0 }]
      ]
    },
    "Slack — Escalate to Director": {
      "main": [
        [{ "node": "Audit Log Insert", "type": "main", "index": 0 }]
      ]
    },
    "Reviewer or Deduct?": {
      "main": [
        [{ "node": "Slack — Reviewer Queue", "type": "main", "index": 0 }],
        [{ "node": "Audit Log Insert", "type": "main", "index": 0 }]
      ]
    },
    "Slack — Reviewer Queue": {
      "main": [
        [{ "node": "Audit Log Insert", "type": "main", "index": 0 }]
      ]
    }
  },
  "active": false,
  "settings": {
    "executionOrder": "v1",
    "timezone": "America/New_York"
  },
  "versionId": "2d2d2d2d-0001-0000-0000-0000000000ff",
  "meta": {
    "templateCreatedBy": "ooligo",
    "instanceId": "ooligo-legal-ops"
  },
  "id": "legal-spend-anomaly",
  "tags": [
    { "name": "legal-ops" },
    { "name": "anomaly-detection" }
  ]
}