Dlazy Qwen Image 2 Pro
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed dLazy image-generation CLI wrapper that requires an API key and sends selected prompts or files to dLazy, with no artifact-backed hidden or destructive behavior found.
Install only if you trust the external @dlazy/cli package and dLazy service with your prompts and any files you pass as inputs. Prefer per-invocation DLAZY_API_KEY if you do not want a saved local credential, and avoid passing sensitive local files unless you intend them to be uploaded to dLazy.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
61/61 vendors flagged this skill as clean.