Reducing Entropy
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: reducing-entropy Version: 0.1.0 The OpenClaw AgentSkills bundle 'reducing-entropy' is benign. Its primary purpose is to provide an AI agent with a mindset and checklist for reducing code complexity and size. The `SKILL.md` instructs the agent to read and process files within its own `references/` directory to load 'mindsets', which is a legitimate internal operation for an AI agent to acquire context. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent or perform harmful actions. The installation instructions in `README.md` use `npx add` which fetches code from a GitHub repository, a common but generally risky method, but in this context, it points to the skill's own source and does not indicate malicious intent within the skill itself.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent may remove code or tests that still matter.
The skill explicitly encourages code and test deletion during refactoring. This matches the skill's purpose, but code deletion is a meaningful repository mutation that should be reviewed.
NEVER refactor without deleting something ... Did I delete tests for deleted code?
Use this skill on a branch, review the diff carefully, and run tests before accepting deletions.
Running an unverified install command could install different content later if the remote branch changes.
The README suggests a user-run install command from an unpinned GitHub branch/path. It is not an automatic install step, but users should verify the source before running it.
npx add https://github.com/wpank/ai/tree/main/skills/testing/reducing-entropy
Prefer installing from a trusted registry or a pinned commit, and inspect the downloaded files before use.