Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Dlazy Image Replicate

v1.0.5

Analyzes an image's style, composition, and lighting to generate a new image in the same style using Seedream 4.5.

by dlazy @dlazyai

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dlazyai/dlazy-image-replicate.

Install the skill "Dlazy Image Replicate" (dlazyai/dlazy-image-replicate) from ClawHub.
Skill page: https://clawhub.ai/dlazyai/dlazy-image-replicate
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install dlazy-image-replicate

ClawHub CLI

npx clawhub@latest install dlazy-image-replicate
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The described capability (analyze an image and call dLazy/Seedream to generate a new image) matches the instructions: calls to api.dlazy.com and uploads to oss.dlazy.com make sense. However, the registry metadata (earlier summary) lists no required binaries or env vars, while SKILL.md metadata declares npm/npx and an install (npm install -g @dlazy/cli@1.0.6) and describes an API key. That mismatch is an inconsistency (likely sloppy packaging) but not in itself malicious.
Instruction Scope
SKILL.md directs the agent to run `dlazy image-replicate`, upload any local files passed to the CLI to oss.dlazy.com, and to inform users about insufficient_balance/unauthorized errors. Those steps are within the stated purpose. It does explicitly reference the user config file (~/.dlazy/config.json) and an optional DLAZY_API_KEY env var — so the agent or user must be aware that local images and an API key may be uploaded/transmitted to the provider.
Install Mechanism
There is no install spec recorded in the registry metadata summary, but SKILL.md includes metadata recommending installing @dlazy/cli from npm (or using npx). Installing from npm is a reasonable, traceable mechanism (npmjs/GitHub are standard), but the discrepancy between 'no install spec' and embedded install instructions should be resolved. No obscure download URLs or extract/install from untrusted hosts are present.
Credentials
The skill legitimately requires a dLazy API key to call the hosted API; storing that key in ~/.dlazy/config.json or using DLAZY_API_KEY is standard. However, the skill registry declared 'Required env vars: none' which contradicts the SKILL.md. The single credential request (API key) is proportionate to the function, but the metadata mismatch is concerning and should be clarified.
Persistence & Privilege
The skill does not request always:true or other elevated system privileges. It expects the CLI to store an API key in the user's config directory (~/.dlazy/config.json), which is normal for a CLI tool. Autonomous invocation is allowed by default (platform normal) and does not by itself increase risk here.
What to consider before installing
This skill appears to be a thin client for the dLazy service and needs a dLazy API key and the @dlazy/cli (installable via npm/npx). However, the registry metadata and the SKILL.md disagree about required binaries and env vars — that inconsistency is a red flag. Before installing or providing secrets:

  1. Verify the npm package (@dlazy/cli@1.0.6) publisher and review the GitHub repo linked in SKILL.md to ensure code matches claims.
  2. Prefer using `npx` to avoid a global install if you don't trust the package yet.
  3. Do not upload or process sensitive images you wouldn't want sent to a third party—the CLI will upload provided local files to oss.dlazy.com.
  4. If you proceed, use a scoped/rotatable API key, confirm file permission settings on ~/.dlazy/config.json, and be ready to rotate or revoke the key if anything looks suspicious.
  5. If you need certainty, ask the publisher or the registry owner to resolve the metadata mismatch (declare required binaries/env vars/install spec) before use.

Like a lobster shell, security has layers — review code before you run it.

latest vk971x4n76x06w4hxbmmm08e2b585m7s9
105 downloads
0 stars
5 versions
Updated 22h ago
v1.0.5
MIT-0

dlazy-image-replicate

Image replicate tool: analyzes the visuals, composition, colors, lighting, and style of the source image, builds a replicate prompt, and hands it off to Seedream 4.5 to generate a new image in the same style.

Trigger Keywords

  • image-replicate

Authentication

All requests require a dLazy API key, configured through the CLI:

dlazy auth set YOUR_API_KEY

The CLI saves the key in your user config directory (~/.dlazy/config.json on macOS/Linux, %USERPROFILE%\.dlazy\config.json on Windows), with file permissions restricted to your OS user account. You can also supply the key per-invocation via the DLAZY_API_KEY environment variable.

Getting Your API Key

  1. Sign in or create an account at dlazy.com
  2. Go to dlazy.com/dashboard/organization/api-key
  3. Copy the key shown in the API Key section

Each key is scoped to your dLazy organization and can be rotated or revoked at any time from the same dashboard.

About & Provenance

You can install on demand without persisting a global binary by running:

npx @dlazy/cli@1.0.6 <command>

Or, if you prefer a global install, the skill's metadata.clawdbot.install field declares the exact pinned version (npm install -g @dlazy/cli@1.0.6). Review the GitHub source before installing.

How It Works

This skill is a thin client over the dLazy hosted API. When you invoke it:

  • Prompts and parameters you provide are sent to the dLazy API endpoint (api.dlazy.com) for inference.
  • Any local file paths you pass to image / video / audio fields are uploaded to dLazy's media storage (oss.dlazy.com) so the model can read them — the same flow as any cloud-based generation API.
  • Generated output URLs returned by the API are hosted on oss.dlazy.com.

This is the standard SaaS pattern; the skill itself does not access network or filesystem resources beyond what the dLazy CLI already handles. See dlazy.com for the full service terms.

Usage

CRITICAL INSTRUCTION FOR AGENT: Execute dlazy image-replicate to get the result.

dlazy image-replicate -h

Options:
  --images <images...>                 Images [image: url or local path]
  --input <spec>                       JSON payload: inline string, @file, or - (stdin)
  --dry-run                            Print payload + cost estimate without calling API
  --no-wait                            Return generateId immediately for async tasks
  --timeout <seconds>                  Max seconds to wait for async completion (default: "1800")
  -h, --help                           display help for command

Output Format

{
  "ok": true,
  "kind": "urls",
  "data": {
    "urls": [
      "https://oss.dlazy.com/result.mp4"
    ]
  }
}

Examples

dlazy image-replicate --prompt 'prompt content' 

Error Handling

| Code | Error Type | Example Message |
|------|------------|-----------------|
| 401 | Unauthorized (No API Key) | ok: false, code: "unauthorized", message: "API key is missing or invalid" |
| 501 | Missing required parameter | error: required option '--prompt <prompt>' not specified |
| 502 | Local file read error | Error: Image file/Video file not found: C:\path\to\your\file |
| 503 | API request failed (no balance) | ok: false, code: "insufficient_balance" |
| 503 | API request failed (server error) | HTTP status code error (500 server crash) |
| 504 | Asynchronous task execution failed | === Generation Failed === / {Specific error reason returned by backend, for example "Prompt violates safety policy"} |

AGENT CRITICAL INSTRUCTION:

  1. If the execution result returns code: "insufficient_balance", you MUST explicitly inform the user that their credits are insufficient and guide them to recharge: https://dlazy.com/dashboard/organization/settings?tab=credits
  2. If the execution result returns code: "unauthorized" or indicates missing API key, you MUST inform the user to get their API key from https://dlazy.com/dashboard/organization/api-key and save it using dlazy auth set <key> and resume the task.

Tips

Visit https://dlazy.com for more information.
