env-patch

Fail

Audited by Socket on Mar 20, 2026

3 alerts found:

Security, Obfuscated File, Malware

Security MEDIUM
SKILL.md

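This skill is largely consistent with its stated purpose, but that purpose is itself to help AI agents reverse-engineer protected browser JS, patch in the missing environment, and bypass anti-debugging in order to run it. No clear credential theft or malicious exfiltration was observed, so it does not look like confirmed malware; however, it gives the agent high-risk security/evasion capabilities and, in the dynamic-loading scenario, executes remote JS from an unpinned source, so overall it should be classified as SUSPICIOUS.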

Confidence: 86%
Severity: 79%

Obfuscated File HIGH
references/multi-file.md

This document is a high-risk operational guide that facilitates executing opaque, obfuscated bytecode in-process (via custom interpreters or vm.runInThisContext) and describes patterns that create subtle cross-file/global interactions. While the text itself is not an active malware payload, the recommended workflow substantially increases supply-chain risk: extracted or dynamically loaded bytecode should be treated as potentially malicious and must be deobfuscated and sandbox-tested before any execution in trusted environments. Enforce strict isolation, code signing/verification, and runtime instrumentation when handling such SDKs.

Confidence: 98%

Malware HIGH
references/node-detection.md

This fragment is an explicit guide for spoofing/hiding Node.js runtime features to evade environment detection by security SDKs and VMPs. It prescribes deleting and redefining globals (Buffer, process, module, Error.prepareStackTrace, etc.) and altering descriptors and Symbol.toStringTag to misrepresent the host environment. While it does not itself contain a direct exfiltration or remote-access payload, these techniques are strong indicators of malicious/anti-analysis intent and would enable or conceal further malicious activity if used in a package. Treat code like this as high risk and suspicious in supply-chain context; require strong justification and code review before accepting/depending on it.

Confidence: 90%
Severity: 90%

Audit Metadata

Analyzed At: Mar 20, 2026, 07:41 AM
Package URL: pkg:socket/skills-sh/zhizhuodemao%2Fai-reverse-toolkit%2Fenv-patch%2F@7bff5f525792057ffc05e2ebea0951ad3cef996c