linux-patcher
Automated Linux server patching and Docker container updates. Use when the user asks to update, patch, or upgrade Linux servers, apply security updates, update Docker containers, check for system updates, or manage server maintenance across multiple hosts. Supports Ubuntu, Debian, RHEL, AlmaLinux, Rocky Linux, CentOS, Amazon Linux, and SUSE. Includes PatchMon integration for automatic host detection and intelligent Docker handling.
Why use this skill?
Efficiently patch Linux servers and update Docker containers across your infrastructure. Supports multi-distribution environments with PatchMon integration.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/jgm2025/linux-patcherWhat This Skill Does
The linux-patcher skill is a robust automation tool designed to handle the maintenance of Linux server environments and Docker-based containerized applications. It simplifies the tedious task of keeping software packages current across heterogeneous infrastructure. By leveraging SSH key authentication and passwordless sudo, it performs non-interactive updates safely. The skill features deep integration with PatchMon, allowing for intelligent, automated discovery of hosts that require attention, and it intelligently distinguishes between system package upgrades and container refreshes.
Installation
To integrate this skill, use the ClawHub command-line interface. Execute the following command in your terminal: clawhub install openclaw/skills/skills/jgm2025/linux-patcher. Once installed, ensure that your environment meets the security requirements, specifically by configuring passwordless sudo for the target user account and verifying that your SSH keys are correctly propagated to the target servers. If you intend to use the automated PatchMon integration, initialize your credentials by copying the example configuration file: cp scripts/patchmon-credentials.example.conf ~/.patchmon-credentials.conf and updating it with your endpoint and authorization details.
Use Cases
This skill is perfect for system administrators and DevOps engineers managing multi-host environments. Use it for routine security patch deployment to minimize vulnerability windows, orchestrating large-scale Docker image updates across clusters, or preparing servers for maintenance windows without manual SSH entry. It is particularly effective when you have a mixed-distribution fleet including Ubuntu, Debian, RHEL, and AlmaLinux, as the script handles the logic for different package managers (apt, dnf, yum, zypper) automatically.
Example Prompts
- "Check for pending security updates on all production hosts and apply them if they are marked as critical."
- "Update all Docker containers on the web-server-cluster while leaving the underlying Linux packages untouched."
- "Run a dry-run update on the staging server group to see which packages will be upgraded without actually modifying the systems."
Tips & Limitations
Always prioritize the use of the --dry-run flag when patching mission-critical production servers to identify potential dependency conflicts. While the skill supports a wide range of distributions, note that only Ubuntu is currently tested for end-to-end reliability; other distributions should be verified in a non-production environment before wide deployment. Ensure that your SSH agent is running to allow for seamless multi-host authentication. Remember that this tool executes commands with root privileges; ensure your sudoers file is configured with the least-privilege principle to maintain security integrity.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-jgm2025-linux-patcher": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-read, code-execution
Related Skills
devialet
Control Devialet Phantom speakers via HTTP API. Use for: play/pause, volume control, mute/unmute, source selection, and speaker status. Requires DOS 2.14+ firmware. Works with Phantom I, Phantom II, Phantom Reactor, and Dialog.
veeam-mcp
Query Veeam Backup & Replication and Veeam ONE via MCP server running in Docker. Provides intelligent backup monitoring, job analysis, capacity planning, and infrastructure health checks.