skills/deerflow2
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c0233cae26
deerflow2/backend/packages/harness/deerflow
History
Willem Jiang a814ab50b5
fix(skills): make security scanner JSON parsing robust for LLM output variations (#2987) 
The moderation model's response was silently falling through to a
  conservative block when LLMs wrapped structured output in markdown
  code fences, added prose around the JSON, returned case-variant
  decisions (e.g. "Allow"), or included nested braces in the reason
  field. The greedy `\{.*\}` regex also over-matched on nested braces.

  - Rewrite _extract_json_object() with markdown fence stripping and
    brace-balanced string-aware extraction
  - Normalize decision field to lowercase for case-insensitive matching
  - Distinguish "model unavailable" from "unparseable output" in fallback
  - Strengthen system prompt to explicitly forbid code fences and prose
  - Add 15 tests covering all reported scenarios

  Fixes #2985
2026-05-17 08:59:42 +08:00
..
agents fix(middleware): Prevent todo completion reminder IMMessage leak (#2907) 2026-05-15 22:12:37 +08:00
community fix: Supplement list_running in RemoteSandboxBackend (#2716) 2026-05-05 18:53:10 +08:00
config enable token usage by default (#2841) 2026-05-10 22:00:57 +08:00
guardrails feat(guardrails): add pre-tool-call authorization middleware with pluggable providers (#1240) 2026-03-23 18:07:33 +08:00
mcp fix(harness): wrap async-only config tools for sync client execution (#2878) 2026-05-11 22:14:13 +08:00
models feat: static system prompt with DynamicContextMiddleware for prefix-cache optimization (#2801) 2026-05-09 09:27:02 +08:00
persistence fix(persistence): reuse token usage model grouping expression (#2910) 2026-05-13 15:49:34 +08:00
reflection refactor: split backend into harness (deerflow.*) and app (app.*) (#1131) 2026-03-14 22:55:52 +08:00
runtime fix(runtime): avoid postgres aggregate row lock (#2962) 2026-05-15 10:32:09 +08:00
sandbox fix(sandbox): uphold /mnt/user-data contract at Sandbox API boundary (#2873) (#2881) 2026-05-17 08:26:04 +08:00
skills fix(skills): make security scanner JSON parsing robust for LLM output variations (#2987) 2026-05-17 08:59:42 +08:00
subagents fix(subagents): consolidate system_prompt and skills into single SystemMessage (#2701) 2026-05-11 09:59:06 +08:00
tools feat: stream subagent token usage to header via terminal task events (#2882) 2026-05-13 23:52:19 +08:00
tracing feat(tracing): add optional Langfuse support (#1717) 2026-04-02 13:06:10 +08:00
uploads fix(uploads): add Windows support for safe symlink-protected uploads (#2794) 2026-05-09 18:21:54 +08:00
utils fix(gateway): return ISO 8601 timestamps from threads endpoints (#2599) 2026-05-02 15:16:16 +08:00
__init__.py refactor: split backend into harness (deerflow.*) and app (app.*) (#1131) 2026-03-14 22:55:52 +08:00
client.py feat: refine token usage display modes (#2329) 2026-05-04 09:56:16 +08:00