Is jgm2025/linux-patcher safe?

https://github.com/openclaw/skills/tree/main/skills/jgm2025/linux-patcher

98
SAFE

This is a legitimate Linux server patching and Docker container management tool with comprehensive documentation and professional development practices. The skill follows security best practices and contains no malicious code, prompt injection, or data exfiltration attempts.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (2)

LOW High Privilege System Administration Scripts -5

The skill contains shell scripts that execute system administration commands with elevated privileges, including sudo operations, system updates, and Docker container management. While this is necessary for the legitimate functionality of a Linux patching tool, it represents inherent security considerations that users should be aware of.

INFO Requires Significant System Privileges -10

This skill is designed for system administrators and requires SSH access with passwordless sudo privileges on target hosts. While the skill follows security best practices (SSH keys, restricted sudo permissions), the high privilege requirements are worth noting.