diff --git a/capa/rules.py b/capa/rules.py index eeb39ed4..b9a42056 100644 --- a/capa/rules.py +++ b/capa/rules.py @@ -6,6 +6,7 @@ # is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. +import re import uuid import codecs import logging @@ -727,6 +728,14 @@ class Rule(object): # assumes features section always exists features_offset = doc.find("features") doc = doc[:features_offset] + doc[features_offset:].replace(" description:", " description:") + + # for negative hex numbers, yaml dump outputs: + # - offset: !!int '0x-30' + # we prefer: + # - offset: -0x30 + # the below regex makes these adjustments and while ugly, we don't have to explore the ruamel.yaml insides + doc = re.sub(r"!!int '0x-([0-9a-fA-F]+)'", r"-0x\1", doc) + return doc diff --git a/scripts/capafmt.py b/scripts/capafmt.py index dd234414..a0b2a7c6 100644 --- a/scripts/capafmt.py +++ b/scripts/capafmt.py @@ -14,7 +14,6 @@ Unless required by applicable law or agreed to in writing, software distributed is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. """ -import re import sys import logging import argparse @@ -60,9 +59,6 @@ def main(argv=None): rule = capa.rules.Rule.from_yaml_file(args.path, use_ruamel=True) reformatted_rule = rule.to_yaml() - # fix negative numbers - reformatted_rule = re.sub(r"!!int '0x-([0-9a-fA-F]+)'", r"-0x\1", reformatted_rule) - if args.check: if rule.definition == reformatted_rule: logger.info("rule is formatted correctly, nice! (%s)", rule.name) diff --git a/scripts/lint.py b/scripts/lint.py index f040dfc1..1da338c1 100644 --- a/scripts/lint.py +++ b/scripts/lint.py 
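Review bot: In the `@@ -727,6 +728,14 @@` hunk of capa/rules.py, the new `re.sub` runs over the whole of `doc`, while the `description:` fix-up directly above it is limited to `doc[features_offset:]`. Any other text in the rule that contains `!!int '0x-…'`, such as a free-text description or a string value, would therefore be rewritten as well, so the formatter could silently change a rule's content. That input is unlikely, but scoping the substitution the same way narrows it: `doc = doc[:features_offset] + re.sub(r"!!int '0x-([0-9a-fA-F]+)'", r"-0x\1", doc[features_offset:])`. Now that `to_yaml()` owns this fix for both capafmt and lint, a round-trip test with a negative hex `offset` would guard against a change in how ruamel.yaml dumps such values. The enclosing method starts outside the hunk, so whether `features_offset` can be -1 here is not visible.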
@@ -14,7 +14,6 @@ Unless required by applicable law or agreed to in writing, software distributed See the License for the specific language governing permissions and limitations under the License. """ import os -import re import sys import time import string @@ -298,12 +297,6 @@ class FormatIncorrect(Lint): actual = rule.definition expected = capa.rules.Rule.from_yaml(rule.definition, use_ruamel=True).to_yaml() - # fix negative numbers - # - offset: -0x30 - # instead of - # - offset: !!int '0x-30' - expected = re.sub(r"!!int '0x-([0-9a-fA-F]+)'", r"-0x\1", expected) - if actual != expected: diff = difflib.ndiff(actual.splitlines(1), expected.splitlines(1)) self.recommendation = self.recommendation_template.format("".join(diff))