ClawHub

Munger Decision Free

v1.2.4

Charlie Munger's mental model decision assistant. Analyzes your decision scenario, recommends the most relevant thinking models, and guides you through struc...

1· 55·0 current·0 all-time
byDavid@cdz0451
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md, and included code/data (detector, recommender, dialogue, reporter, model data and reference docs) align: this is a local decision-assistant implemented in Node/TypeScript and no capabilities appear unrelated to that purpose.
Instruction Scope
SKILL.md limits runtime behavior to scenario detection, model recommendation, guided Q&A, and report generation. Example commands and API usage target the packaged code; there are no instructions to read unrelated system files, access credentials, or post data to unexpected external endpoints (other than an optional upgrade link in README).
Install Mechanism
The skill is instruction-only (no install spec) which is lower-risk. However the bundle includes full source, package.json, and a large package-lock — if you run npm install locally you will pull many dev packages from the npm registry. Nothing in the manifest points to downloads from untrusted URLs, but running npm install would be the main friction point if you choose to execute the code.
Credentials
The skill declares no required environment variables, no credentials, and no special config paths. SKILL.md mentions using an LLM as a fallback in detection logic, but this appears to rely on the agent/platform LLM (no keys requested).
Persistence & Privilege
The skill does not request always:true and does not declare persistent system-wide config or cross-skill modifications. It is user-invocable and may be autonomously invoked per platform defaults (normal behavior).
Assessment
This package appears to be a coherent, local Node/TypeScript decision-assistant. Before installing or executing any code: 1) inspect src/index.ts and any network/HTTP calls (none were obvious in provided excerpts) to confirm no unexpected endpoints; 2) if you run npm install, do so in a sandbox/container because the package-lock will pull many dev packages; 3) note the README contains a Gumroad upgrade link (for paid full version) — that is a marketing link, not required for the free skill; 4) if you only want to use the skill via the platform, no credentials are required. If you want extra assurance, ask for a quick scan of src/index.ts and any files that perform network I/O so I can point out any outgoing connections or data‑export behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eeg4qw2xh7r66yhhs5q8egs83xrps

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Binsnode

Comments