Exactly, Flashbots and similar implement a gateway for submitting transactions directly to the miners. The transactions are only included if they succeed, because part of the transaction transfers payment to the miner for including it and another part of the transaction guarantees success only if it is profitable enough for the submitter. The transaction bundle is not mined unless it succeeds and thus avoids paying gas for failed attempts.
My point is that this is something the Flashbots service does before submitting the transaction. There is nothing technical stopping them from submitting it or frontrunning it (besides destroying their reputation). In addition, when uncles and reorgs occur, the rest of the network sees the transaction, and hence could frontrun it / submit it and have it fail.
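
A toy model of the distinction discussed in the two comments above, added here as an illustration and not taken from the thread or from Flashbots: the "only mined if it succeeds" property comes from the relay's pre-inclusion simulation, while the chain itself accepts a signed transaction that reverts and still charges for it. All names, balances and fee values are constructed assumptions, and gas on the success path is ignored for simplicity.

```python
from dataclasses import dataclass

REVERT_GAS_FEE = 100  # constructed: fee charged when a mined tx reverts

@dataclass(frozen=True)
class SignedTx:
    min_profit: int   # guard in the tx: revert unless profit >= this
    miner_tip: int    # transferred to the block producer on success only

@dataclass
class Chain:
    opportunity: int          # value still capturable on this chain state
    sender_balance: int = 1000
    miner_balance: int = 0

def would_succeed(tx, chain):
    """Off-chain simulation of the tx's own profitability guard."""
    return chain.opportunity - tx.miner_tip >= tx.min_profit

def mine(tx, chain):
    """Consensus-level execution: a signed tx is valid even if it reverts."""
    if would_succeed(tx, chain):
        chain.sender_balance += chain.opportunity - tx.miner_tip
        chain.miner_balance += tx.miner_tip
        chain.opportunity = 0
        return "success"
    chain.sender_balance -= REVERT_GAS_FEE   # failed attempt still costs gas
    chain.miner_balance += REVERT_GAS_FEE
    return "reverted"

def relay_submit(tx, chain):
    """Private path: simulate first, drop failures. This is policy, not protocol."""
    if not would_succeed(tx, chain):
        return "dropped"
    return mine(tx, chain)

def demo():
    tx = SignedTx(min_profit=60, miner_tip=30)
    results = {}
    ok = Chain(opportunity=100)
    results["private_ok"] = (relay_submit(tx, ok), ok.sender_balance)
    gone = Chain(opportunity=40)
    results["private_dropped"] = (relay_submit(tx, gone), gone.sender_balance)
    # Uncle/reorg: the block carrying tx is orphaned, the signed tx is now
    # public, and on the canonical chain the opportunity is already taken.
    canonical = Chain(opportunity=0)
    results["leaked_after_reorg"] = (mine(tx, canonical), canonical.sender_balance)
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```
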