Initial commit: hardened DeerFlow factory
Vendored deer-flow upstream (bytedance/deer-flow) plus prompt-injection hardening: - New deerflow.security package: content_delimiter, html_cleaner, sanitizer (8 layers — invisible chars, control chars, symbols, NFC, PUA, tag chars, horizontal whitespace collapse with newline/tab preservation, length cap) - New deerflow.community.searx package: web_search, web_fetch, image_search backed by a private SearX instance, every external string sanitized and wrapped in <<<EXTERNAL_UNTRUSTED_CONTENT>>> delimiters - All native community web providers (ddg_search, tavily, exa, firecrawl, jina_ai, infoquest, image_search) replaced with hard-fail stubs that raise NativeWebToolDisabledError at import time, so a misconfigured tool.use path fails loud rather than silently falling back to unsanitized output - Native client back-doors (jina_client.py, infoquest_client.py) stubbed too - Native-tool tests quarantined under tests/_disabled_native/ (collect_ignore_glob via local conftest.py) - Sanitizer Layer 7 fix: only collapse horizontal whitespace, preserve newlines and tabs so list/table structure survives - Hardened runtime config.yaml references only the searx-backed tools - Factory overlay (backend/) kept in sync with deer-flow tree as a reference / source See HARDENING.md for the full audit trail and verification steps.
This commit is contained in:
112
deer-flow/skills/public/vercel-deploy-claimable/SKILL.md
Normal file
112
deer-flow/skills/public/vercel-deploy-claimable/SKILL.md
Normal file
@@ -0,0 +1,112 @@
|
||||
---
|
||||
name: vercel-deploy
|
||||
description: Deploy applications and websites to Vercel. Use this skill when the user requests deployment actions such as "Deploy my app", "Deploy this to production", "Create a preview deployment", "Deploy and give me the link", or "Push this live". No authentication required - returns preview URL and claimable deployment link.
|
||||
metadata:
|
||||
author: vercel
|
||||
version: "1.0.0"
|
||||
---
|
||||
|
||||
# Vercel Deploy
|
||||
|
||||
Deploy any project to Vercel instantly. No authentication required.
|
||||
|
||||
## How It Works
|
||||
|
||||
1. Packages your project into a tarball (excludes `node_modules` and `.git`)
|
||||
2. Auto-detects framework from `package.json`
|
||||
3. Uploads to deployment service
|
||||
4. Returns **Preview URL** (live site) and **Claim URL** (transfer to your Vercel account)
|
||||
|
||||
## Usage
|
||||
|
||||
```bash
|
||||
bash /mnt/skills/user/vercel-deploy/scripts/deploy.sh [path]
|
||||
```
|
||||
|
||||
**Arguments:**
|
||||
- `path` - Directory to deploy, or a `.tgz` file (defaults to current directory)
|
||||
|
||||
**Examples:**
|
||||
|
||||
```bash
|
||||
# Deploy current directory
|
||||
bash /mnt/skills/user/vercel-deploy/scripts/deploy.sh
|
||||
|
||||
# Deploy specific project
|
||||
bash /mnt/skills/user/vercel-deploy/scripts/deploy.sh /path/to/project
|
||||
|
||||
# Deploy existing tarball
|
||||
bash /mnt/skills/user/vercel-deploy/scripts/deploy.sh /path/to/project.tgz
|
||||
```
|
||||
|
||||
## Output
|
||||
|
||||
```
|
||||
Preparing deployment...
|
||||
Detected framework: nextjs
|
||||
Creating deployment package...
|
||||
Deploying...
|
||||
✓ Deployment successful!
|
||||
|
||||
Preview URL: https://skill-deploy-abc123.vercel.app
|
||||
Claim URL: https://vercel.com/claim-deployment?code=...
|
||||
```
|
||||
|
||||
The script also outputs JSON to stdout for programmatic use:
|
||||
|
||||
```json
|
||||
{
|
||||
"previewUrl": "https://skill-deploy-abc123.vercel.app",
|
||||
"claimUrl": "https://vercel.com/claim-deployment?code=...",
|
||||
"deploymentId": "dpl_...",
|
||||
"projectId": "prj_..."
|
||||
}
|
||||
```
|
||||
|
||||
## Framework Detection
|
||||
|
||||
The script auto-detects frameworks from `package.json`. Supported frameworks include:
|
||||
|
||||
- **React**: Next.js, Gatsby, Create React App, Remix, React Router
|
||||
- **Vue**: Nuxt, Vitepress, Vuepress, Gridsome
|
||||
- **Svelte**: SvelteKit, Svelte, Sapper
|
||||
- **Other Frontend**: Astro, Solid Start, Angular, Ember, Preact, Docusaurus
|
||||
- **Backend**: Express, Hono, Fastify, NestJS, Elysia, h3, Nitro
|
||||
- **Build Tools**: Vite, Parcel
|
||||
- **And more**: Blitz, Hydrogen, RedwoodJS, Storybook, Sanity, etc.
|
||||
|
||||
For static HTML projects (no `package.json`), framework is set to `null`.
|
||||
|
||||
## Static HTML Projects
|
||||
|
||||
For projects without a `package.json`:
|
||||
- If there's a single `.html` file not named `index.html`, it gets renamed automatically
|
||||
- This ensures the page is served at the root URL (`/`)
|
||||
|
||||
## Present Results to User
|
||||
|
||||
Always show both URLs:
|
||||
|
||||
```
|
||||
✓ Deployment successful!
|
||||
|
||||
- [Preview URL](https://skill-deploy-abc123.vercel.app)
|
||||
- [Claim URL](https://vercel.com/claim-deployment?code=...)
|
||||
|
||||
View your site at the Preview URL.
|
||||
To transfer this deployment to your Vercel account, visit the Claim URL.
|
||||
```
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Network Egress Error
|
||||
|
||||
If deployment fails due to network restrictions (common on claude.ai), tell the user:
|
||||
|
||||
```
|
||||
Deployment failed due to network restrictions. To fix this:
|
||||
|
||||
1. Go to https://claude.ai/settings/capabilities
|
||||
2. Add *.vercel.com to the allowed domains
|
||||
3. Try deploying again
|
||||
```
|
||||
Reference in New Issue
Block a user