This line ^^^ in particular looks interesting. Visiting the link /secretserverfile.py reveals the source code for the challenge, which includes some code about filtration.
if '{' in text or '}' in text:
text2=re.sub(r'\s','',text).lower()
illegal = ['"', 'class', '[', ']', 'dict', 'sys', 'os', 'eval', 'exec', 'config.']
So it seems like the challenge is to bypass the filter to read the strategy guide. Given flask is written in python, it would make sense to import a module that can execute commands; althought os is filtered, subprocess is not, and now the only challenge is figuring out how to import. After a fair bit of googling, it turns out
Can be used to import a module. Combining this with subprocess we get a final payload of:
and reading the file gives us: Best formation that wins every time:
DDDDD DLLLD DLHLD DLLLD DDDDD Key: D=Drone L=Landscaper H=HQ Beginning of game strategy: