Skip to main content

raxe scan

Scan text for threats. 
raxe scan "text to scan"

Options

OptionDescription
--formatOutput format: text, json
--ciCI mode (JSON + exit code 1 on threats)
--explainShow detailed explanations
--ruleTest specific rule only
--tenantTenant ID for multi-tenant scanning
--appApp ID within tenant
--policyOverride policy for this scan

Examples

# Basic scan
raxe scan "Ignore all previous instructions"

# JSON output
raxe scan "text" --format json

# CI mode
raxe scan "text" --ci

# With explanations
raxe scan "text" --explain

# Multi-tenant scanning
raxe scan "text" --tenant acme --app chatbot

# Override policy
raxe scan "text" --tenant acme --policy strict

raxe batch

Scan multiple prompts from file. 
raxe batch prompts.txt

Options

OptionDescription
--formatOutput format: text, json, csv
--outputWrite results to file

Examples

# Scan from file
raxe batch prompts.txt

# Output to JSON file
raxe batch prompts.txt --format json --output results.json

# From stdin
cat prompts.txt | raxe batch -

raxe repl

Interactive scanning mode. 
raxe repl

REPL Commands

CommandDescription
scan <text>Scan text
rulesList loaded rules
statsShow session stats
clearClear screen
helpShow help
quitExit REPL

raxe rules

Manage detection rules. 
raxe rules list
raxe rules show <rule-id>

Subcommands

CommandDescription
listList all rules
show <id>Show rule details
search <query>Search rules

Examples

# List all rules
raxe rules list

# Filter by family
raxe rules list --family PI

# Show specific rule
raxe rules show pi-001

# Search rules
raxe rules search "injection"

raxe doctor

System health check. 
raxe doctor

Output

RAXE Health Check

 Configuration file exists
 Rules loaded successfully (460 rules)
 Database initialized
 ML model available
 Telemetry endpoint reachable

System ready!

raxe stats

View scan statistics. 
raxe stats

Options

OptionDescription
--periodTime period: today, week, month, all

Output

RAXE Statistics (This Week)

Scans: 1,234
Threats Detected: 56
Detection Rate: 4.5%

Top Rules:
  1. pi-001 (23 detections)
  2. jb-003 (12 detections)
  3. pii-042 (8 detections)

raxe config

Manage configuration. 
raxe config show
raxe config set <key> <value>

Subcommands

CommandDescription
showShow current config
set <key> <value>Set config value
resetReset to defaults

Examples

# Show config
raxe config show

# Set log level
raxe config set log_level DEBUG

# Reset config
raxe config reset

raxe init

Initialize RAXE configuration. 
raxe init
Creates:
  • ~/.raxe/config.yaml
  • ~/.raxe/raxe.db

raxe export

Export scan history. 
raxe export --format json --output history.json

Options

OptionDescription
--formatOutput format: json, csv
--outputOutput file path
--sinceExport from date

raxe tenant

Manage tenants for multi-customer deployments. 
raxe tenant <subcommand>

Subcommands

CommandDescription
createCreate a new tenant
listList all tenants
show <id>Show tenant details
delete <id>Delete a tenant

Examples

# Create a tenant
raxe tenant create --name "Acme Corp" --id acme

# Create with strict policy
raxe tenant create --name "Security Team" --id security --policy strict

# List tenants
raxe tenant list
raxe tenant list --output json

# Delete tenant
raxe tenant delete acme --force

raxe app

Manage applications within tenants. 
raxe app <subcommand>

Subcommands

CommandDescription
createCreate a new app
listList apps for a tenant
show <id>Show app details
delete <id>Delete an app

Examples

# Create an app
raxe app create --tenant acme --name "Chatbot" --id chatbot

# Create with strict policy
raxe app create --tenant acme --name "Trading" --id trading --policy strict

# List apps
raxe app list --tenant acme

# Show details
raxe app show chatbot --tenant acme

raxe policy

Manage security policies for tenants. 
raxe policy <subcommand>

Subcommands

CommandDescription
listList available policies
set <policy>Set default policy
explainShow policy resolution
createCreate custom policy

Examples

# List policies (presets + custom)
raxe policy list --tenant acme

# Set tenant default
raxe policy set balanced --tenant acme

# Set app-specific policy
raxe policy set strict --tenant acme --app trading

# Explain resolution chain
raxe policy explain --tenant acme --app trading

Policy Modes

ModeBehavior
monitorNever blocks, logs everything
balancedBlocks CRITICAL, HIGH with confidence ≥ 0.85
strictBlocks CRITICAL, HIGH, and MEDIUM

raxe suppress

Manage suppression rules for false positives. 
raxe suppress <subcommand>

Subcommands

CommandDescription
listList all active suppressions
add <pattern>Add a new suppression
remove <pattern>Remove a suppression
auditView suppression audit log

Examples

# List all suppressions
raxe suppress list

# Add a suppression with reason
raxe suppress add pi-001 --reason "Known false positive in auth flow"

# Add with expiration
raxe suppress add "jb-*" --reason "Test suite" --expires 2025-06-01

# Tenant-scoped suppression
raxe suppress add pi-001 --tenant acme --reason "Tenant-specific false positive"
raxe suppress list --tenant acme

# Remove a suppression
raxe suppress remove pi-001

# View audit log
raxe suppress audit

Options for add

OptionDescription
--reasonRequired reason for the suppression
--expiresExpiration date (ISO 8601 format)
--actionOverride action: SUPPRESS, FLAG, LOG
--tenantTenant ID for tenant-scoped suppression

raxe validate-rule

Validate a custom rule file. 
raxe validate-rule path/to/rule.yaml

Output

Validating rule.yaml...

 YAML syntax valid
 Schema compliance OK
 Pattern compiles successfully
 No catastrophic backtracking
 Examples pass

Rule is valid!