Munger Observer
v1.0.0Daily wisdom review applying Charlie Munger's mental models to your work and thinking. Use when asked to review decisions, analyze thinking patterns, detect biases, apply mental models, do a "Munger review", or run the Munger Observer. Triggers on scheduled daily reviews or manual requests like "run munger observer", "review my thinking", "check for blind spots", or "apply mental models".
⭐ 3· 2.8k·7 current·10 all-time
byJonathan Rhyne@jdrhyne
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the runtime instructions: the skill's goal is to review recent activity and detect cognitive biases, and the SKILL.md directs the agent to gather recent decisions/tasks and apply mental models. Access to memory and session logs is coherent with that purpose.
Instruction Scope
Instructions tell the agent to read today's memory file (memory/YYYY-MM-DD.md) and to scan 'session logs' for today's activity. That behavior is expected for a review task, but the skill does not declare those config paths in its metadata and 'session logs' is unspecified — the agent could access different log locations depending on implementation. This is a privacy scope note rather than a clear mismatch in intent.
Install Mechanism
There is no install spec or code — the skill is instruction-only, so nothing is downloaded or written to disk. This minimizes supply-chain risk.
Credentials
Skill declares no environment variables, credentials, or config paths. The runtime instructions reference local files (memory and logs) but do not request cloud keys or unrelated secrets. The requested access is proportionate for the stated purpose.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent/system-wide privileges. Scheduling is optional and uses a suggested trigger message (MUNGER_OBSERVER_RUN), which is a benign convenience but should be configured deliberately.
Assessment
The skill appears internally consistent, but it will read your local memory file and session logs to do reviews. Before enabling automated runs, confirm where those files live and what they contain (they may include sensitive text, PII, or secrets). Prefer manual invocation initially, inspect a sample report, and if you enable scheduling, restrict the skill's file-access scope or retention. If you want stronger guarantees, ask the author to declare the exact config paths the skill will read (or modify the SKILL.md to limit log sources) so you can audit access.Like a lobster shell, security has layers — review code before you run it.
latestvk9742eags217328p133j8yfyj97zgkse
License
MIT-0
Free to use, modify, and redistribute. No attribution required.