Rxtool

Security checks across static analysis, malware telemetry, and agentic risk

Overview

Rxtool appears to be a straightforward local regular-expression utility with no evidence of network access, credential use, persistence, or hidden behavior.

This skill looks safe for local regex work. Only provide text you are comfortable processing and potentially seeing printed in the terminal or logs, and be cautious with very large inputs or unusually complex regex patterns.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill means allowing the agent to run this local Python script for regex operations.

Why it was flagged

The skill's normal operation is to execute the included local Python CLI. This is expected for the stated purpose and the provided code uses only standard-library regex, argument parsing, stdin, and printing.

Skill content

python3 scripts/rxtool.py test '(\d+)-(\d+)' "order-123-456"

Recommendation

Review the included script if desired and use it only for text you intend to process locally.

What this means

A poorly chosen regex or very large input could make the local command slow or CPU-heavy.

Why it was flagged

The tool intentionally runs user-supplied regex patterns against supplied or stdin text without size or timeout controls, which is typical for a simple regex utility but can be resource-intensive for pathological patterns or very large inputs.

Skill content

pattern = re.compile(args.pattern, flags=get_flags(args))
text = args.text if args.text else sys.stdin.read()
matches = list(pattern.finditer(text))

Recommendation

Avoid running untrusted complex regexes on large inputs, or interrupt the command if it appears to hang.