DATA 6de0bf9f5b Initial commit: hardened DeerFlow factory
Vendored deer-flow upstream (bytedance/deer-flow) plus prompt-injection
hardening:

- New deerflow.security package: content_delimiter, html_cleaner,
  sanitizer (8 layers — invisible chars, control chars, symbols, NFC,
  PUA, tag chars, horizontal whitespace collapse with newline/tab
  preservation, length cap)
- New deerflow.community.searx package: web_search, web_fetch,
  image_search backed by a private SearX instance, every external
  string sanitized and wrapped in <<<EXTERNAL_UNTRUSTED_CONTENT>>>
  delimiters
- All native community web providers (ddg_search, tavily, exa,
  firecrawl, jina_ai, infoquest, image_search) replaced with hard-fail
  stubs that raise NativeWebToolDisabledError at import time, so a
  misconfigured tool.use path fails loud rather than silently falling
  back to unsanitized output
- Native client back-doors (jina_client.py, infoquest_client.py)
  stubbed too
- Native-tool tests quarantined under tests/_disabled_native/
  (collect_ignore_glob via local conftest.py)
- Sanitizer Layer 7 fix: only collapse horizontal whitespace, preserve
  newlines and tabs so list/table structure survives
- Hardened runtime config.yaml references only the searx-backed tools
- Factory overlay (backend/) kept in sync with deer-flow tree as a
  reference / source

See HARDENING.md for the full audit trail and verification steps.
2026-04-12 14:23:57 +02:00
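An added example, not code from the deer-flow tree or the deerflow.security package, of how the sanitize-then-delimit pipeline listed in the commit message can be built: the eight layers applied in the stated order, then the result wrapped in the <<<EXTERNAL_UNTRUSTED_CONTENT>>> marker. The reading of each layer (in particular "symbols" as Unicode category So), the closing delimiter name, the 20,000-character cap and the extra step that neutralises a forged delimiter inside fetched content are assumptions.

```python
import re
import unicodedata

DELIM_OPEN = "<<<EXTERNAL_UNTRUSTED_CONTENT>>>"
DELIM_CLOSE = "<<<END_EXTERNAL_UNTRUSTED_CONTENT>>>"  # assumed closing marker
DEFAULT_MAX_LEN = 20_000                              # assumed length cap

# Layer 1: zero-width and other invisible code points used to hide text.
_INVISIBLE = {"\u200b", "\u200c", "\u200d", "\u2060", "\ufeff", "\u00ad", "\u180e"}
# Layer 7: runs of Unicode whitespace that are NOT newline or tab.
_HSPACE = re.compile(r"[^\S\n\t]+")
# Extra step (assumed): a '<<<' or '>>>' inside fetched content must not be
# able to forge or close the wrapper, so the run is split with spaces.
_FENCE = re.compile(r"<<<|>>>")


def _pre_nfc_ok(ch: str) -> bool:
    """Layers 1-3: invisible chars, control chars (keep \\n and \\t), symbols."""
    if ch in _INVISIBLE:
        return False
    cat = unicodedata.category(ch)
    if cat == "Cc" and ch not in "\n\t":
        return False
    return cat != "So"  # 'symbols' read as Unicode category So (assumption)


def _post_nfc_ok(ch: str) -> bool:
    """Layers 5-6: private-use area and Unicode tag characters (U+E0000-E007F)."""
    return unicodedata.category(ch) != "Co" and not 0xE0000 <= ord(ch) <= 0xE007F


def sanitize(text: str, max_len: int = DEFAULT_MAX_LEN) -> str:
    """Apply the eight layers in order and return the cleaned text."""
    text = "".join(ch for ch in text if _pre_nfc_ok(ch))   # layers 1-3
    text = unicodedata.normalize("NFC", text)              # layer 4
    text = "".join(ch for ch in text if _post_nfc_ok(ch))  # layers 5-6
    text = _HSPACE.sub(" ", text)                          # layer 7: keep \n and \t
    if len(text) > max_len:                                # layer 8
        text = text[:max_len] + "\n[truncated]"
    return text


def wrap_untrusted(text: str, max_len: int = DEFAULT_MAX_LEN) -> str:
    """Sanitize external content and enclose it in the untrusted-content delimiters."""
    body = _FENCE.sub(lambda m: " ".join(m.group()), sanitize(text, max_len))
    return f"{DELIM_OPEN}\n{body}\n{DELIM_CLOSE}"
```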

63 lines
1.5 KiB
Bash
Executable File

#!/bin/bash
# Install a skill and link it to the project's skills/custom directory
# Usage: ./skills/install-skill.sh <owner/repo@skill-name>
# Example: ./skills/install-skill.sh vercel-labs/agent-skills@vercel-react-best-practices
set -euo pipefail

if [[ -z "${1:-}" ]]; then
    echo "Usage: $0 <owner/repo@skill-name>"
    echo "Example: $0 vercel-labs/agent-skills@vercel-react-best-practices"
    exit 1
fi

FULL_SKILL_NAME="$1"

# Extract skill name (the part after @)
SKILL_NAME="${FULL_SKILL_NAME##*@}"
if [[ -z "$SKILL_NAME" || "$SKILL_NAME" == "$FULL_SKILL_NAME" ]]; then
    echo "Error: Invalid skill format. Expected: owner/repo@skill-name"
    exit 1
fi

# The skill name becomes a path component under $HOME/.agents/skills, so only
# accept a plain name (no '/', no leading '.', hence no '..').
if [[ ! "$SKILL_NAME" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
    echo "Error: Invalid skill name '$SKILL_NAME' (letters, digits, '.', '_' and '-' only)"
    exit 1
fi

# Find project root by looking for deer-flow.code-workspace
find_project_root() {
    local dir="$PWD"
    while [[ "$dir" != "/" ]]; do
        if [[ -f "$dir/deer-flow.code-workspace" ]]; then
            echo "$dir"
            return 0
        fi
        dir="$(dirname "$dir")"
    done
    echo ""
    return 1
}

# '|| true' keeps 'set -e' from aborting silently on the non-zero return,
# so the error message below is actually reached.
PROJECT_ROOT="$(find_project_root || true)"
if [[ -z "$PROJECT_ROOT" ]]; then
    echo "Error: Could not find project root (deer-flow.code-workspace not found)"
    exit 1
fi

SKILL_SOURCE="$HOME/.agents/skills/$SKILL_NAME"
SKILL_TARGET="$PROJECT_ROOT/skills/custom"

# Step 1: Install the skill using npx. Output is kept quiet on success but
# shown on failure instead of being discarded.
if ! install_log="$(npx skills add "$FULL_SKILL_NAME" -g -y 2>&1)"; then
    echo "Error: 'npx skills add $FULL_SKILL_NAME' failed:"
    echo "$install_log"
    exit 1
fi

# Step 2: Verify installation
if [[ ! -d "$SKILL_SOURCE" ]]; then
    echo "Skill '$SKILL_NAME' installation failed"
    exit 1
fi

# Step 3: Create symlink. '-n' replaces an existing link of the same name
# instead of following it and creating a nested link inside the old target.
mkdir -p "$SKILL_TARGET"
ln -sfn "$SKILL_SOURCE" "$SKILL_TARGET/$SKILL_NAME"
echo "Skill '$SKILL_NAME' installed successfully"