Frequently Asked Questions

cite.review catches AI-hallucinated legal citations before they reach a court. It checks whether cited authorities actually exist and whether they support the propositions in your draft.

In 2023, lawyers in Mata v. Avianca were sanctioned for filing AI-generated citations to nonexistent cases. In April 2026, Sullivan & Cromwell apologized to a federal bankruptcy court for the same problem.

The core problem: when a tool is known to invent legal citations, submitting unverified output is not just carelessness. It is taking a known risk with what you represent to a court.

This is also the argument in Hallucinated Authority: AI Citations as Reckless Misrepresentation, 115 Georgetown Law Journal (Online) (forthcoming 2026), by Kirin Chang (the person who built this site).

cite.review is the practical response: free, open-source, and auditable. Similar tools exist, but most are paid and closed. The goal is to keep core citation verification accessible to everyone.

An AI hallucination is when a model generates information that sounds plausible and confident, but is factually wrong or entirely invented.

In legal work, this shows up as:

• Case names that look real but don't exist in any database
• Real case names with wrong reporters, page numbers, courts, or dates
• Real cases cited for propositions they don't actually stand for
• Quotations from opinions that were never written

The last category is particularly dangerous: the case exists and survives a basic search, but the substance attributed to it is wrong. cite.review's Step 2 is designed specifically to catch this.

Kirin Chang built cite.review. He is a Research Fellow at the U.S.-Asia Law Institute at NYU School of Law, an Affiliate Research Fellow at Emory Law's AI & the Future of Work initiative, and a member of the New York and Texas Bars.

The reason: after lawyers were sanctioned and law firms apologized for AI-hallucinated citations, there was still no free, open-source tool to catch them. Most existing solutions were paid and closed. cite.review is the practical response. Kirin's forthcoming article in Georgetown Law Journal (Online) argues that submitting AI citations without verification can constitute reckless misrepresentation.

cite.review is part of the broader lawreview.tools suite of tools for legal-academic writing workflows. The source code is open so anyone can audit it, adapt it, or suggest improvements.

cite.review is free. There is no subscription, no trial period, and no plans to charge users.

The legal databases cite.review uses (CourtListener, Cornell LII, and GovInfo) are all free public services. A CourtListener account is free to create and provides a generous API rate limit for normal legal work.

The only cost you might incur is your AI provider's API fee if you use Step 2. This is charged by the AI company, not by cite.review. A typical support check costs a fraction of a cent per citation. If you use a local AI model, even that cost is zero.

Yes. cite.review has no business model and no plans to build one. It grew out of genuine frustration with a real problem in legal practice, not a product searching for a market.

The real costs are significant: development time, repeated model testing, AI token spend, and ongoing domain/infrastructure expenses. Kirin has absorbed all of that personally to keep the tool free and available.

If any law school library, court, firm, nonprofit, or other institution wants to sponsor this work or collaborate, that support is very welcome.

The source code is licensed under AGPL-3.0, which requires any public deployment of a modified version to also release that version as open source. This keeps the tool in the commons and prevents someone from taking the code, adding a paywall, and competing with the free original.

cite.review runs each citation through Step 1: cross-referencing against three authoritative public databases:

• CourtListener (Free Law Project): federal and state case law. cite.review checks whether the case exists, whether the case name matches, and whether the reporter, volume, and page are consistent.
• Cornell LII: U.S. Code and federal regulations.
• GovInfo: official U.S. government publications (Public Laws, Federal Register, CFR, etc.).

A citation is marked Verified when it is found and all key fields match. It is marked Warning when something is found but some fields don't match. It is marked Not Found when no matching record can be located.

Step 2 is optional: for verified cases, cite.review retrieves the actual opinion text and asks your chosen AI provider whether the case supports the proposition in your memo. This check runs from your browser directly to the AI company. cite.review is not in the middle.

Verified means the case was found in CourtListener's index and the case name, court, reporter, volume, and page all match. That is a strong signal the citation is real and correctly formed.

What it does not mean:

• The case actually supports the proposition in your memo. A real case can still be cited for something it does not say. That is what Step 2 checks.
• The citation is perfect in every detail. CourtListener is very comprehensive, but it has gaps. A Verified result is reliable; it is not a substitute for reading the case.

The two steps work together: Step 1 catches hallucinated citations (cases that do not exist), and Step 2 catches misused citations (real cases cited for the wrong proposition). Both matter.

CourtListener's coverage is very broad. It indexes federal courts going back to the founding era and most major state courts. There are some gaps:

• Very recent decisions (published within the past few days) may not yet be indexed
• Some state trial court decisions are not in the database
• Non-U.S. jurisdictions are not covered

If a case comes back Not Found, that does not necessarily mean it is fabricated. It may just be outside CourtListener's coverage. Independently verify those citations through Westlaw, Lexis, or the court's official website.

A Verified result means the citation appeared in the database with matching fields. It is a strong signal, but it does not substitute for independent professional judgment.

Yes, with one caveat. cite.review verifies that a cited provision exists (e.g., that 42 U.S.C. § 1983 is a real provision at that location), not that the statutory text says what you claim it says.

For statute and regulatory citations, cite.review uses Cornell LII for U.S. Code and Code of Federal Regulations citations, and GovInfo for Public Laws, the Federal Register, and other official government documents. The check confirms the referenced provision exists at the location the citation points to.

It does not read the statutory text or check whether it supports your proposition. cite.review catches fabricated citation strings (like citing a code section that does not exist), but not a real provision cited for something it does not say. That remains a human review step.

Document parsing can still extract text from non-U.S. documents if the file is readable. But citation verification currently focuses on U.S. materials only.

Right now, cite.review verifies U.S. case law through CourtListener and U.S. statutes and federal materials through Cornell LII and GovInfo. It should not be treated as a general citation verifier for non-U.S. jurisdictions.

cite.review recognizes these citation types and provides pre-filled search links for one-click manual verification. It cannot automatically verify their content.

• Law review and journal articles: cite.review parses the Bluebook reporter abbreviation and resolves it to the full journal name (e.g., 57 SUFFOLK U. L. REV. 345 → Suffolk University Law Review). Each citation links to a pre-filled Google Scholar query.
• Restatement citations: detected automatically (e.g., Restatement (Second) of Torts § 402A) and linked to a pre-filled Westlaw secondary-sources search. Follow the link and confirm the section number.
• Westlaw or Lexis citations: cite.review tries to match these against CourtListener. If found, it provides CourtListener, Westlaw, and Google Scholar links. If not, it generates pre-filled search links so you can verify with one click.

For all of these, verification is one click: follow the link and confirm the source exists and says what you claim. cite.review builds the search; the substantive review is yours.

cite.review supports .docx and .pdf file uploads, plus .txt, .md (Markdown), and .html as text-first sources. You can also paste plain text directly.

DOCX usually gives the best results because the text structure is cleanest. PDF works well when it already contains selectable text. Scanned PDFs are slower and depend on OCR quality. TXT, Markdown, and HTML are processed locally with no OCR needed.

Yes. The queue panel supports multiple files at once. Each file gets its own card with a per-file progress bar and Verify button. You can run files individually or click Run All Files to verify the whole queue in sequence.

When you are done, Export ZIP downloads a single archive containing an HTML and CSV report for each file plus a combined master summary.

If you have both versions, upload the original DOCX rather than the PDF. DOCX generally preserves structure better and produces cleaner citation extraction.

Formatting issues usually come from PDFs, especially scanned PDFs, image-based exports, or documents flattened by e-filing systems. If the parse looks noisy, switch OCR mode for scanned PDFs or go back to the original word-processing file.

No. API keys are saved in your browser's localStorage and never sent to cite.review's servers.

When you run Step 2, your browser makes the API request directly to the AI company. cite.review's server is not involved.

The only information that passes through cite.review's proxy is CourtListener query content, not your document text or AI keys.

You can verify this by reading the source code: github.com/kirinccchang/citereview.

Your document is processed entirely in your browser. Nothing is uploaded.

The only data that leaves your browser are individual citation strings sent to the legal databases (CourtListener, Cornell LII, GovInfo). These are plain citation strings, not your document's arguments, facts, or privileged content.

If you use an AI provider for Step 2, the opinion text retrieved from CourtListener and the relevant excerpt from your memo are sent to your chosen AI provider according to that provider's privacy policy. cite.review does not receive or store this data.

Step 1 does not transmit document contents, only citation strings like "556 U.S. 662." This is unlikely to raise privilege concerns.

Step 2 does send the relevant memo excerpt and the retrieved opinion text to your AI provider. Whether that is appropriate for confidential client work depends on your firm's policies and the provider's privacy terms. Review those before using Step 2 with client documents.

If you use a local AI model (Ollama / LM Studio), Step 2 never leaves your machine at all.

United States v. Heppner is the SDNY case where the court rejected privilege/work-product protection for a defendant's Claude chats. The opinion focused on consumer-platform usage and confidentiality expectations under those terms.

cite.review's architecture is narrower: Step 1 sends citation lookups to legal databases, and Step 2 sends only citation-adjacent memo excerpts plus opinion text from your browser directly to your selected AI provider. cite.review's worker does not proxy your AI prompts or store your AI keys.

cite.review's setup is easier to characterize as a controlled legal-tech workflow than public chatbot use, but privilege is still fact-specific and depends on provider terms, firm policy, and jurisdiction. For the most conservative path, use Step 1 only or a local model for Step 2.

Yes. cite.review is open source, which means the full code is publicly available for anyone to read. You do not have to take our word for how it works.

In practice, this means: if we say "your document never leaves your browser," you can open the code and confirm that is true. You are not relying on a privacy policy written by a lawyer to protect a business.

The code is on GitHub: github.com/kirinccchang/citereview. The frontend is a single HTML file. The backend worker is in worker/index.js.

If you do not read code, that is fine. Paste the relevant file into any AI model and ask: "Does this send my document to a server?" or "Where does this send my API key?" The AI can read it for you. If you find something that does not match what is described here, please open an issue.

Open an issue on GitHub: github.com/kirinccchang/citereview/issues.

Useful things to include in a bug report: what citation you were verifying, what result you expected, and what result you got. If the issue is a citation that should have been verified but wasn't, include the full citation text.

Yes. Pull requests are welcome. The codebase is Alpine.js + vanilla HTML/CSS/JS with a Cloudflare Worker backend. No build step required for the frontend.

Before opening a large PR, it's worth opening an issue first to discuss the approach, so effort isn't wasted on something that won't be merged for design or architectural reasons.

Yes. Sponsorship and collaboration are welcome, including from law school libraries, courts, law firms, bar associations, and nonprofit organizations.

If you want to support maintenance, fund new features, or pilot an institutional workflow, please contact Kirin Chang. The goal is to keep core citation-risk protections public, auditable, and practically useful.

The application itself is in English only. The README has a Traditional Chinese translation.

If there is sufficient interest in a localized UI, that can be considered. Feel free to open a feature request.