Dlazy Video Scenes

v1.0.4

Detects and splits videos into scene clips using ffmpeg, providing URLs for each clip without analyzing video content.

⭐ 0· 532·1 current·1 all-time

bydlazy@dlazyai

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dlazyai/dlazy-video-scenes.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Dlazy Video Scenes" (dlazyai/dlazy-video-scenes) from ClawHub.
Skill page: https://clawhub.ai/dlazyai/dlazy-video-scenes
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install dlazy-video-scenes

ClawHub CLI

Package manager switcher

npx clawhub@latest install dlazy-video-scenes

Security Scan

Capability signals

Requires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill's name/description claim local ffmpeg-based scene detection and also alternately claim scene-level understanding vs 'only return clip URLs without content understanding' — the language is contradictory. The instructions actually invoke the dLazy CLI/service, not a local ffmpeg binary. That mismatch (ffmpeg mentioned but no local ffmpeg requirements or commands) is unexplained and could mislead users about where processing occurs (local vs cloud).

ℹ

Instruction Scope

Runtime instructions are narrowly scoped to running the dlazy CLI (dlazy video-scenes). They explicitly state that local video file paths will be uploaded to dlazy's OSS (oss.dlazy.com) and that prompts/parameters are sent to api.dlazy.com. This is expected for a cloud SaaS client, but it means user media will be transmitted off‑host; the agent instructions also contain mandatory user guidance for handling insufficient_balance and unauthorized responses (fine but prescriptive). The skill does not instruct reading unrelated system files or credentials.

Install Mechanism

Top-level registry data shows no install spec, but the SKILL.md embeds metadata that declares npm/npx as required and provides a pinned npm install (npm install -g @dlazy/cli@1.0.6) and npx alternative. This inconsistency between registry metadata and the skill file is confusing. The install source (npm/@dlazy/cli) is a public registry (moderate risk) and the skill suggests using npx to avoid persisting a binary. There is no direct arbitrary URL download, which is good, but the mismatch should be clarified and the upstream package audited before installing.

ℹ

Credentials

Registry lists no required env vars, yet SKILL.md requires a dLazy API key (can be stored via `dlazy auth set` or passed via DLAZY_API_KEY). Requesting a single service API key is proportionate for this functionality. However the skill will write the key into ~/.dlazy/config.json (or Windows equivalent), so users should verify the config path and file permissions and be aware media is uploaded to the vendor's storage.

✓

Persistence & Privilege

Skill does not request always:true and does not claim elevated platform privileges. The only persistence is the normal CLI behavior of storing an API key in the user's config file. The skill does not attempt to modify other skills or system-wide agent settings in the provided instructions.

Scan Findings in Context

[embedded_metadata_declares_install] unexpected: SKILL.md contains metadata.clawdbot fields requiring bins ['npm','npx'] and a pinned install string (npm install -g @dlazy/cli@1.0.6) and configLocation. The registry-level metadata provided to the evaluator indicated no install spec or required binaries; the embedded install metadata is inconsistent with the top-level manifest and should be resolved. Using npm/npx for a CLI package is plausible for a SaaS client, but the inconsistency is unexpected.

[api_endpoints_and_config_location_present] expected: SKILL.md documents api.dlazy.com and oss.dlazy.com as endpoints and a configLocation (~/.dlazy/config.json). This is consistent with a cloud CLI client that needs an API key and uploads media; these entries are expected for the stated purpose but signal that media and keys will be transmitted/stored externally.

What to consider before installing

Before installing or invoking this skill: 1) Clarify whether scene detection runs locally (ffmpeg) or on dLazy's servers — the SKILL.md is contradictory. If processing is cloud‑side, understand that any local video paths you pass will be uploaded to dlazy's storage (oss.dlazy.com). 2) Inspect the upstream npm package and GitHub repo (@dlazy/cli) before installing; prefer npx for one‑off runs if you don't want a global binary. 3) Be aware the CLI stores your API key in ~/.dlazy/config.json (check file permissions) and only provide a key you trust; rotate/revoke it if needed. 4) Avoid uploading sensitive videos until you confirm dLazy's privacy/retention policies. 5) Ask the publisher to correct the manifest inconsistencies (install spec, required binaries, and whether content understanding is performed) — the conflicting descriptions reduce trust. If you need help auditing the npm package or the repo, get a developer to review the code before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk972f0w7s8zdf96yv1h5b586w185mbh5

532downloads

0stars

5versions

Updated 1d ago

v1.0.4

MIT-0

dlazy-video-scenes

English · 中文

Scene split tool: uses ffmpeg to detect and split a video into scene clips, returning only the clip URLs without video content understanding.

Trigger Keywords

video-scenes

Authentication

All requests require a dLazy API key, configured through the CLI:

dlazy auth set YOUR_API_KEY

The CLI saves the key in your user config directory (~/.dlazy/config.json on macOS/Linux, %USERPROFILE%\.dlazy\config.json on Windows), with file permissions restricted to your OS user account. You can also supply the key per-invocation via the DLAZY_API_KEY environment variable.

Getting Your API Key

Sign in or create an account at dlazy.com
Go to dlazy.com/dashboard/organization/api-key
Copy the key shown in the API Key section

Each key is scoped to your dLazy organization and can be rotated or revoked at any time from the same dashboard.

About & Provenance

CLI source code: github.com/dlazyai/cli
Maintainer: dlazyai
npm package: @dlazy/cli (pinned to 1.0.6 in this skill's install spec)
Homepage: dlazy.com

You can install on demand without persisting a global binary by running:

npx @dlazy/cli@1.0.6 <command>

Or, if you prefer a global install, the skill's metadata.clawdbot.install field declares the exact pinned version (npm install -g @dlazy/cli@1.0.6). Review the GitHub source before installing.

How It Works

This skill is a thin client over the dLazy hosted API. When you invoke it:

Prompts and parameters you provide are sent to the dLazy API endpoint (api.dlazy.com) for inference.
Any local file paths you pass to image / video / audio fields are uploaded to dLazy's media storage (oss.dlazy.com) so the model can read them — the same flow as any cloud-based generation API.
Generated output URLs returned by the API are hosted on oss.dlazy.com.

This is the standard SaaS pattern; the skill itself does not access network or filesystem resources beyond what the dLazy CLI already handles. See dlazy.com for the full service terms.

Usage

CRITICAL INSTRUCTION FOR AGENT: Execute dlazy video-scenes to get the result.

dlazy video-scenes -h

Options:
  --video <video>                      Video (URL) [video: url or local path]
  --durationSeconds <durationSeconds>  Duration (s)
  --input <spec>                       JSON payload: inline string, @file, or - (stdin)
  --dry-run                            Print payload + cost estimate without calling API
  --no-wait                            Return generateId immediately for async tasks
  --timeout <seconds>                  Max seconds to wait for async completion (default: "1800")
  -h, --help                           display help for command

Output Format

{
  "ok": true,
  "kind": "text",
  "data": {
    "text": "..."
  }
}

Examples

dlazy video-scenes --prompt 'prompt content'

Error Handling

Code	Error Type	Example Message
401	Unauthorized (No API Key)	`ok: false, code: "unauthorized", message: "API key is missing or invalid"`
501	Missing required parameter	`error: required option '--prompt <prompt>' not specified`
502	Local file read error	`Error: Image file/Video file not found: C:\path\to\your\file`
503	API request failed (no balance)	`ok: false, code: "insufficient_balance"`
503	API request failed (server error)	`HTTP status code error (500 server crash)`
504	Asynchronous task execution failed	`=== Generation Failed ===` / `{Specific error reason returned by backend, for example "Prompt violates safety policy"}`

AGENT CRITICAL INSTRUCTION:

If the execution result returns code: "insufficient_balance", you MUST explicitly inform the user that their credits are insufficient and guide them to recharge: https://dlazy.com/dashboard/organization/settings?tab=credits

If the execution result returns code: "unauthorized" or indicates missing API key, you MUST inform the user to get their API key from https://dlazy.com/dashboard/organization/api-key and save it using dlazy auth set <key> and resume the task.

Tips

Visit https://dlazy.com for more information.

Comments

Loading comments...