@jshookmcp/jshook 0.1.5 → 0.1.7

package/README.md

@@ -8,7 +8,7 @@
 
 English | [中文](./README.zh.md)
 
-An MCP (Model Context Protocol) server providing **244 built-in tools** — **236 domain tools across 16 domains** plus **8 built-in meta-tools** — with runtime extension loading from `plugins/` and `workflows/` for AI-assisted JavaScript analysis and security analysis. Combines browser automation, Chrome DevTools Protocol debugging, network monitoring, intelligent JavaScript hooks, LLM-powered code analysis, process/memory inspection, WASM toolchain, binary encoding, anti-anti-debug, GraphQL discovery, source map reconstruction, AST transforms, crypto reconstruction, platform package analysis, Burp Suite / native analysis tool bridges, human behavior simulation, CAPTCHA solving, batch account workflows, and high-level composite workflow orchestration in a single server.
+An MCP (Model Context Protocol) server providing **245 built-in tools** — **237 domain tools across 16 domains** plus **8 built-in meta-tools** — with runtime extension loading from `plugins/` and `workflows/` for AI-assisted JavaScript analysis and security analysis. Combines browser automation, Chrome DevTools Protocol debugging, network monitoring, intelligent JavaScript hooks, LLM-powered code analysis, process/memory inspection, WASM toolchain, binary encoding, anti-anti-debug, GraphQL discovery, source map reconstruction, AST transforms, crypto reconstruction, platform package analysis, Burp Suite / native analysis tool bridges, human behavior simulation, CAPTCHA solving, batch account workflows, and high-level composite workflow orchestration in a single server.
 
 ## Start Here
 
@@ -21,6 +21,9 @@ An MCP (Model Context Protocol) server providing **244 built-in tools** — **23
 
 ## Features
 
+<details>
+<summary>Open the full feature list</summary>
+
 - **Browser Automation** — Launch Chromium/Camoufox, navigate pages, interact with the DOM, take screenshots, manage cookies and storage
 - **CDP Debugger** — Set breakpoints, step through execution, inspect scope variables, watch expressions, session save/restore
 - **Network Monitoring** — Capture requests/responses, filter by URL or method, retrieve response bodies, paginated access with `offset+limit`
@@ -53,20 +56,25 @@ An MCP (Model Context Protocol) server providing **244 built-in tools** — **23
 - **Native Analysis Tool Bridge** — Ghidra and IDA Pro bridge: decompile functions, list symbols, run scripts, cross-reference analysis; loopback-only SSRF protection
 - **Batch Account Registration** — Orchestrate multi-account registration with per-account retry, capped exponential backoff, idempotent key deduplication, PII masking, timeout cleanup
 - **Stealth Injection** — Anti-detection patches for headless browser fingerprinting
-- **Process & Memory** — Cross-platform process enumeration, memory read/write/scan, DLL/shellcode injection (Windows), Electron app attachment
+- **Process & Memory** — Cross-platform process enumeration, memory read/write/scan with structured diagnostics, in-memory audit export, controlled DLL/shellcode injection (Windows, disabled by default), Electron app attachment
 - **Performance** — Smart caching, token budget management, code coverage, progressive tool disclosure with lazy domain initialization, BM25 search-based discovery (~800 tokens init for search profile vs ~18K for full)
 - **B-Skeleton Contracts** — Extensibility contracts for plugins (`PluginContract` with lifecycle state machine), workflows (`WorkflowContract` with declarative DAG builder), and observability (`InstrumentationContract` with noop default + OTLP-ready span/metric interface)
 - **Domain Self-Discovery** — Runtime manifest scanning (`domains/*/manifest.ts`) replaces hardcoded imports; add new tool domains by creating a single `manifest.ts` file — no manual wiring needed
 - **Security** — Bearer token auth (`MCP_AUTH_TOKEN`), Origin-based CSRF protection, per-hop SSRF validation, symlink-safe path handling, PowerShell injection prevention
 
+</details>
+
 ## Architecture
 
+<details>
+<summary>Open architecture notes</summary>
+
 Built on `@modelcontextprotocol/sdk` v1.27+ using the **McpServer high-level API**:
 
 - All tools registered via `server.registerTool()` — no manual request handlers
 - Tool schemas built dynamically from JSON Schema (input validated per-tool by domain handlers)
 - **Four tool profiles**: `search` (BM25 discovery), `minimal` (fast startup), `workflow` (end-to-end JavaScript and security analysis), `full` (all domains)
-- **Progressive discovery**: `search` profile exposes 10 maintenance-domain tools + 8 built-in meta-tools; `search_tools` covers built-ins plus loaded plugins/workflows, and workflow/full-tier sessions boost workflow-domain results
+- **Progressive discovery**: `search` profile exposes 12 maintenance-domain tools + 8 built-in meta-tools; `search_tools` covers built-ins plus loaded plugins/workflows, and workflow/full-tier sessions boost workflow-domain results
 - **Domain self-discovery**: at startup the registry scans `domains/*/manifest.ts` via dynamic ESM import — new domains are auto-detected without modifying any central file
 - **DomainManifest contract**: each domain exports a standardized manifest (`kind`, `version`, `domain`, `depKey`, `profiles`, `registrations`, `ensure`) — profile membership, tool definitions, and handler factories all co-located in one file
 - **Lazy domain initialization**: handler classes instantiated on first tool invocation via Proxy, not during init
@@ -74,6 +82,8 @@ Built on `@modelcontextprotocol/sdk` v1.27+ using the **McpServer high-level API
 - Two transport modes: **stdio** (default) and **Streamable HTTP** (MCP current revision)
 - Capabilities: `{ tools: { listChanged: true }, logging: {} }`
 
+</details>
+
 ## Requirements
 
 - Node.js >= 20
@@ -132,6 +142,8 @@ On Windows, common cache locations are:
 
 ## Configuration
 
+See the dedicated docs chapter for configuration details: `docs/guide/configuration.md:1`
+
 If you are running from source, copy `.env.example` to `.env` and fill in your values:
 
 ```bash
@@ -182,10 +194,10 @@ Additional runtime options exist in code but are not enabled by default in `.env
 
 | Profile    | Domains                                                                               | Tools                     | Init Tokens | vs Full |
 | ---------- | ------------------------------------------------------------------------------------- | ------------------------- | ----------- | ------- |
-| `search`   | maintenance                                                                           | 18 (10 domain + 8 meta)   | ~3,096      | 7%      |
-| `minimal`  | browser, maintenance                                                                  | 78 (70 domain + 8 meta)   | ~13,416     | 32%     |
-| `workflow` | browser, network, workflow, maintenance, core, debugger, streaming, encoding, graphql | 179 (171 domain + 8 meta) | ~30,788     | 74%     |
-| `full`     | all 16 domains                                                                        | 242 (234 domain + 8 meta) | ~41,624     | 100%    |
+| `search`   | maintenance                                                                           | 20 (12 domain + 8 meta)   | ~3,440      | 8%      |
+| `minimal`  | browser, maintenance                                                                  | 80 (72 domain + 8 meta)   | ~13,760     | 33%     |
+| `workflow` | browser, network, workflow, maintenance, core, debugger, streaming, encoding, graphql | 181 (173 domain + 8 meta) | ~31,132     | 74%     |
+| `full`     | all 16 domains                                                                        | 245 (237 domain + 8 meta) | ~42,140     | 100%    |
 
 > Token counts are rough estimates derived from the previous `claude /doctor` average of ~172 tokens/tool. All profiles include 8 meta-tools: `search_tools`, `activate_tools`, `deactivate_tools`, `activate_domain`, `boost_profile`, `unboost_profile`, `extensions_list`, `extensions_reload`.
 
@@ -243,7 +255,7 @@ Connect your MCP client to `http://localhost:3000/mcp`. The server supports:
 
 Session IDs are issued via the `Mcp-Session-Id` response header.
 
-## Tool Domains (234 Domain Tools)
+## Tool Domains (237 Domain Tools)
 
 ### Core / Analysis (13 tools)
 
@@ -457,40 +469,41 @@ Session IDs are issued via the `Mcp-Session-Id` response header.
 
 </details>
 
-### Process / Memory / Electron (25 tools)
+### Process / Memory / Electron (26 tools)
 
 <details>
-<summary>Process enumeration, memory operations, DLL/shellcode injection, Electron attachment</summary>
-
-| #   | Tool                       | Description                                        |
-| --- | -------------------------- | -------------------------------------------------- |
-| 1   | `process_find`             | Find processes by name pattern                     |
-| 2   | `process_list`             | List all running processes                         |
-| 3   | `process_get`              | Get detailed info about a specific process         |
-| 4   | `process_windows`          | Get all window handles for a process               |
-| 5   | `process_find_chromium`    | Find Chromium-based browser processes              |
-| 6   | `process_check_debug_port` | Check if a process has a debug port enabled        |
-| 7   | `process_launch_debug`     | Launch an executable with remote debugging port    |
-| 8   | `process_kill`             | Kill a process by PID                              |
-| 9   | `memory_read`              | Read process memory at a specific address          |
-| 10  | `memory_write`             | Write data to process memory                       |
-| 11  | `memory_scan`              | Scan process memory for a hex/value pattern        |
-| 12  | `memory_check_protection`  | Check memory protection flags (R/W/X)              |
-| 13  | `memory_protect`           | Change memory protection flags (Windows only)      |
-| 14  | `memory_scan_filtered`     | Secondary scan within a filtered address set       |
-| 15  | `memory_batch_write`       | Write multiple memory patches at once              |
-| 16  | `memory_dump_region`       | Dump a memory region to binary file                |
-| 17  | `memory_list_regions`      | List all memory regions with protection flags      |
-| 18  | `inject_dll`               | Inject a DLL into a target process (Windows only)  |
-| 19  | `module_inject_dll`        | Alias for `inject_dll`                             |
-| 20  | `inject_shellcode`         | Inject and execute shellcode (Windows only)        |
-| 21  | `module_inject_shellcode`  | Alias for `inject_shellcode`                       |
-| 22  | `check_debug_port`         | Check if a process is being debugged               |
-| 23  | `enumerate_modules`        | List all loaded modules (DLLs) with base addresses |
-| 24  | `module_list`              | Alias for `enumerate_modules`                      |
-| 25  | `electron_attach`          | Connect to a running Electron app via CDP          |
-
-> **Platform notes:** Memory read/write/scan/dump work on **Windows** (native API) and **macOS** (lldb + vmmap). Injection tools require Windows with elevated privileges.
+<summary>Process enumeration, memory diagnostics and audit export, controlled DLL/shellcode injection, Electron attachment</summary>
+
+| #   | Tool                       | Description                                                                        |
+| --- | -------------------------- | ---------------------------------------------------------------------------------- |
+| 1   | `process_find`             | Find processes by name pattern                                                     |
+| 2   | `process_list`             | List all running processes                                                         |
+| 3   | `process_get`              | Get detailed info about a specific process                                         |
+| 4   | `process_windows`          | Get all window handles for a process                                               |
+| 5   | `process_find_chromium`    | Disabled by design; use managed browser sessions                                   |
+| 6   | `process_check_debug_port` | Check if a process has a debug port enabled                                        |
+| 7   | `process_launch_debug`     | Launch an executable with remote debugging port                                    |
+| 8   | `process_kill`             | Kill a process by PID                                                              |
+| 9   | `memory_read`              | Read process memory; failures include diagnostics                                  |
+| 10  | `memory_write`             | Write process memory; failures include diagnostics                                 |
+| 11  | `memory_scan`              | Scan memory for a hex/value pattern with diagnostics on failure                    |
+| 12  | `memory_check_protection`  | Check memory protection flags (R/W/X)                                              |
+| 13  | `memory_protect`           | Alias for `memory_check_protection`                                                |
+| 14  | `memory_scan_filtered`     | Secondary scan within a filtered address set                                       |
+| 15  | `memory_batch_write`       | Write multiple memory patches at once                                              |
+| 16  | `memory_dump_region`       | Dump a memory region to binary file                                                |
+| 17  | `memory_list_regions`      | List all memory regions with protection flags                                      |
+| 18  | `memory_audit_export`      | Export the in-memory audit trail for memory operations                             |
+| 19  | `inject_dll`               | Disabled by default; set `ENABLE_INJECTION_TOOLS=true` to enable on Windows        |
+| 20  | `module_inject_dll`        | Alias for `inject_dll`                                                             |
+| 21  | `inject_shellcode`         | Disabled by default; accepts hex/base64 and requires `ENABLE_INJECTION_TOOLS=true` |
+| 22  | `module_inject_shellcode`  | Alias for `inject_shellcode`                                                       |
+| 23  | `check_debug_port`         | Check if a process is being debugged                                               |
+| 24  | `enumerate_modules`        | List all loaded modules (DLLs) with base addresses                                 |
+| 25  | `module_list`              | Alias for `enumerate_modules`                                                      |
+| 26  | `electron_attach`          | Connect to a running Electron app via CDP                                          |
+
+> **Platform notes:** Memory read/write/scan/dump work on **Windows** (native API) and **macOS** (lldb + vmmap). Failed `memory_read` / `memory_write` / `memory_scan` calls now include structured `diagnostics`, and `memory_audit_export` lets you export the in-memory audit trail. Injection tools are disabled by default; enable them with `ENABLE_INJECTION_TOOLS=true` on Windows with elevated privileges.
 
 </details>
 
@@ -681,6 +694,9 @@ Session IDs are issued via the `Mcp-Session-Id` response header.
 
 ### Meta-Tools (8 tools)
 
+<details>
+<summary>Open the meta-tool list</summary>
+
 | #   | Tool                | Description                                                                                                                                                                                                                                                                                                                                    |
 | --- | ------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | 1   | `search_tools`      | _(meta-tool)_ BM25 keyword search across built-in tools + loaded plugin/workflow tools; in `workflow/full` tiers, workflow-domain matches receive a ranking boost. When extension workflows are loaded, `run_extension_workflow` / `list_extension_workflows` get extra ranking weight (especially for register/captcha/keygen-style intents). |
@@ -692,8 +708,13 @@ Session IDs are issued via the `Mcp-Session-Id` response header.
 | 7   | `extensions_list`   | _(meta-tool)_ List currently loaded extensions from `plugins/` and `workflows/`                                                                                                                                                                                                                                                                |
 | 8   | `extensions_reload` | _(meta-tool)_ Reload extensions at runtime and register extension tools dynamically                                                                                                                                                                                                                                                            |
 
+</details>
+
 ## Dynamic Extensions (plugins/workflows)
 
+<details>
+<summary>Open extension layout, discovery, and reload rules</summary>
+
 - Default extension roots (global, under jshook installation directory):
   - `<jshook-install>/plugins`
   - `<jshook-install>/workflows`
@@ -741,6 +762,14 @@ Session IDs are issued via the `Mcp-Session-Id` response header.
 - `activate_domain` can include extension domains only after `extensions_reload`.
 - On reload, plugin lifecycle cleanup hooks are executed when available (`onDeactivate` then `onUnload`).
 
+</details>
+
+## Safety & Liability Disclaimer
+
+- Process memory mutation, code injection, traffic replay, and similar low-level capabilities are provided as-is.
+- Third-party plugins, workflows, and extensions loaded from local paths or registries are not audited, endorsed, or warranted by this project.
+- You are responsible for reviewing what you enable and for any operational, legal, security, or data-loss consequences that follow from using built-in mutation features or external extensions.
+
 ## Generated Artifacts & Cleanup
 
 | Artifact                  | Default location                                   | Created by                                                         |
@@ -798,8 +827,11 @@ pnpm run doctor
 
 ## Extension Templates
 
+> This section is about extension authoring templates, not the installation path for the main `jshook` server. If you only want to use the server, prefer `npx @jshookmcp/jshook` above. Clone and build the template repositories only when you want to develop your own plugin or workflow.
+
 - Plugin starter repo: `https://github.com/vmoranv/jshook_plugin_template`
 - Workflow starter repo: `https://github.com/vmoranv/jshook_workflow_template`
+- Registry submissions: open an issue in `https://github.com/vmoranv/jshookmcpextension/issues` if you want your plugin or workflow considered for the extension registry
 
 ## Project Stats
 

package/README.zh.md

@@ -8,7 +8,7 @@
 
 [English](./README.md) | 中文
 
-面向 AI 辅助 JavaScript 分析与安全分析的 MCP（模型上下文协议）服务器，提供 **244 个内置工具**——其中 **16 个域下 236 个域工具**，外加 **8 个内置元工具**——并支持从 `plugins/` 与 `workflows/` 目录运行时动态扩展。集成浏览器自动化、Chrome DevTools Protocol 调试、网络监控、智能 JavaScript Hook、LLM 驱动代码分析、进程/内存操作、WASM 工具链、二进制编码、反反调试、GraphQL 发现、Source Map 重建、AST 变换、加密重构、平台包分析、Burp Suite / Native 分析工具桥接及高层复合工作流编排。
+面向 AI 辅助 JavaScript 分析与安全分析的 MCP（模型上下文协议）服务器，提供 **245 个内置工具**——其中 **16 个域下 237 个域工具**，外加 **8 个内置元工具**——并支持从 `plugins/` 与 `workflows/` 目录运行时动态扩展。集成浏览器自动化、Chrome DevTools Protocol 调试、网络监控、智能 JavaScript Hook、LLM 驱动代码分析、进程/内存操作、WASM 工具链、二进制编码、反反调试、GraphQL 发现、Source Map 重建、AST 变换、加密重构、平台包分析、Burp Suite / Native 分析工具桥接及高层复合工作流编排。
 
 ## 从这里开始
 
@@ -21,6 +21,9 @@
 
 ## 功能特性
 
+<details>
+<summary>展开完整功能清单</summary>
+
 - **浏览器自动化** — 启动 Chromium/Camoufox、页面导航、DOM 交互、截图、Cookie 与存储管理
 - **CDP 调试器** — 断点设置、单步执行、作用域变量检查、监视表达式、会话保存/恢复
 - **网络监控** — 请求/响应捕获、URL/方法过滤、响应体获取、`offset+limit` 分页访问
@@ -51,19 +54,24 @@
 - **Native 分析工具桥接** — Ghidra 与 IDA Pro 桥接：函数反编译、符号查询、脚本执行、交叉引用分析；端点仅允许回环地址并具备 SSRF 防护
 - **CAPTCHA 处理** — AI 视觉检测、手动验证流程、可配置轮询
 - **隐身注入** — 针对无头浏览器指纹识别的反检测补丁
-- **进程与内存** — 跨平台进程枚举、内存读写/扫描、DLL/Shellcode 注入（Windows）、Electron 应用附加
+- **进程与内存** — 跨平台进程枚举、带结构化 diagnostics 的内存读写/扫描、内存操作审计导出、默认关闭的 DLL/Shellcode 注入（Windows）、Electron 应用附加
 - **性能优化** — 智能缓存、Token 预算管理、代码覆盖率、渐进工具披露与按域懒初始化、BM25 搜索发现（search 档位初始化仅约 800 token，full 档位约 18K token）
 - **域自发现** — 运行时清单扫描（`domains/*/manifest.ts`）替代硬编码导入；添加新工具域只需创建一个 `manifest.ts` 文件，无需修改任何中心注册代码
 - **安全防护** — Bearer 令牌认证（`MCP_AUTH_TOKEN`）、Origin CSRF 防护、逐跳 SSRF 校验、symlink 安全路径处理、PowerShell 注入防护、外部工具安全执行
 
+</details>
+
 ## 架构
 
+<details>
+<summary>展开架构说明</summary>
+
 基于 `@modelcontextprotocol/sdk` v1.27+ 的 **McpServer 高层 API** 构建：
 
 - 所有工具通过 `server.registerTool()` 注册，无手动请求处理
 - 工具 Schema 从 JSON Schema 动态构建（输入由各域 handler 验证）
 - **四种工具档位**：`search`（BM25 搜索发现）、`minimal`（快速启动）、`workflow`（端到端 JavaScript 与安全分析）、`full`（全部域）
-- **渐进发现**：`search` 档位暴露 10 个 maintenance 域工具 + 8 个内置元工具；`search_tools` 会同时搜索内置工具与已加载的插件/工作流工具，且 `workflow/full` 档位会提高工作流结果的排序优先级
+- **渐进发现**：`search` 档位暴露 12 个 maintenance 域工具 + 8 个内置元工具；`search_tools` 会同时搜索内置工具与已加载的插件/工作流工具，且 `workflow/full` 档位会提高工作流结果的排序优先级
 - **域自发现**：启动时 registry 通过动态 ESM import 扫描 `domains/*/manifest.ts` — 新域无需修改任何中心文件即可被自动检测
 - **DomainManifest 契约**：每个域导出标准化清单（`kind`、`version`、`domain`、`depKey`、`profiles`、`registrations`、`ensure`）— 档位归属、工具定义和 handler 工厂全部集中在一个文件中
 - **按域懒初始化**：handler 类通过 Proxy 在首次工具调用时实例化，不在 init 阶段创建
@@ -71,6 +79,8 @@
 - 两种传输模式：**stdio**（默认）和 **Streamable HTTP**（MCP 当前修订版）
 - 能力声明：`{ tools: { listChanged: true }, logging: {} }`
 
+</details>
+
 ## 环境要求
 
 - Node.js >= 20
@@ -129,6 +139,8 @@ Windows 常见缓存路径：
 
 ## 配置
 
+文档站中的独立配置章节见：`docs/guide/configuration.md:1`
+
 如果你是从源码运行，请将 `.env.example` 复制为 `.env` 并填写：
 
 ```bash
@@ -179,10 +191,10 @@ cp .env.example .env
 
 | 档位       | 包含域                                                                                | 工具数                           | 初始化 Tokens | 占比 |
 | ---------- | ------------------------------------------------------------------------------------- | -------------------------------- | ------------- | ---- |
-| `search`   | maintenance                                                                           | 18（10 个域工具 + 8 个元工具）   | ~3,096        | 7%   |
-| `minimal`  | browser, maintenance                                                                  | 78（70 个域工具 + 8 个元工具）   | ~13,416       | 32%  |
-| `workflow` | browser, network, workflow, maintenance, core, debugger, streaming, encoding, graphql | 179（171 个域工具 + 8 个元工具） | ~30,788       | 74%  |
-| `full`     | 全部 16 个域                                                                          | 242（234 个域工具 + 8 个元工具） | ~41,624       | 100% |
+| `search`   | maintenance                                                                           | 20（12 个域工具 + 8 个元工具）   | ~3,440        | 8%   |
+| `minimal`  | browser, maintenance                                                                  | 80（72 个域工具 + 8 个元工具）   | ~13,760       | 33%  |
+| `workflow` | browser, network, workflow, maintenance, core, debugger, streaming, encoding, graphql | 181（173 个域工具 + 8 个元工具） | ~31,132       | 74%  |
+| `full`     | 全部 16 个域                                                                          | 245（237 个域工具 + 8 个元工具） | ~42,140       | 100% |
 
 > Token 数据为近似值，按此前 `claude /doctor` 的平均 172 tokens/工具估算。所有档位均包含 8 个元工具：`search_tools`、`activate_tools`、`deactivate_tools`、`activate_domain`、`boost_profile`、`unboost_profile`、`extensions_list`、`extensions_reload`。
 
@@ -190,6 +202,9 @@ cp .env.example .env
 
 ### 动态扩展（plugins/workflows）
 
+<details>
+<summary>展开扩展目录、约定与热加载规则</summary>
+
 - 默认扩展目录：
   - `./plugins`
   - `./workflows`
@@ -225,6 +240,8 @@ MCP_TOOL_DOMAINS=browser,maintenance jshook
 MCP_TRANSPORT=http MCP_AUTH_TOKEN=mysecret jshook
 ```
 
+</details>
+
 ## MCP 客户端配置
 
 ### stdio（默认 — 本地 MCP 客户端）
@@ -258,7 +275,7 @@ MCP_TRANSPORT=http MCP_PORT=3000 jshook
 
 会话 ID 通过 `Mcp-Session-Id` 响应头下发。
 
-## 工具域（234 个域工具）
+## 工具域（237 个域工具）
 
 ### 核心 / 分析（13 个工具）
 
@@ -467,40 +484,41 @@ MCP_TRANSPORT=http MCP_PORT=3000 jshook
 
 </details>
 
-### 进程 / 内存 / Electron（25 个工具）
+### 进程 / 内存 / Electron（26 个工具）
 
 <details>
-<summary>进程枚举、内存操作、DLL/Shellcode 注入、Electron 附加</summary>
-
-| #   | 工具                       | 说明                                |
-| --- | -------------------------- | ----------------------------------- |
-| 1   | `process_find`             | 按名称模式查找进程                  |
-| 2   | `process_list`             | 列出所有运行进程                    |
-| 3   | `process_get`              | 获取特定进程详情                    |
-| 4   | `process_windows`          | 获取进程的所有窗口句柄              |
-| 5   | `process_find_chromium`    | 查找 Chromium 系浏览器进程          |
-| 6   | `process_check_debug_port` | 检查进程是否启用了调试端口          |
-| 7   | `process_launch_debug`     | 以远程调试端口启动可执行文件        |
-| 8   | `process_kill`             | 按 PID 结束进程                     |
-| 9   | `memory_read`              | 读取进程指定地址的内存              |
-| 10  | `memory_write`             | 写入进程内存                        |
-| 11  | `memory_scan`              | 按 hex/值模式扫描进程内存           |
-| 12  | `memory_check_protection`  | 检查内存保护标志（R/W/X）           |
-| 13  | `memory_protect`           | 修改内存保护标志（仅 Windows）      |
-| 14  | `memory_scan_filtered`     | 在已过滤地址集中二次扫描            |
-| 15  | `memory_batch_write`       | 批量写入多个内存补丁                |
-| 16  | `memory_dump_region`       | 将内存区域转储为二进制文件          |
-| 17  | `memory_list_regions`      | 列出所有内存区域及保护标志          |
-| 18  | `inject_dll`               | 向目标进程注入 DLL（仅 Windows）    |
-| 19  | `module_inject_dll`        | `inject_dll` 别名                   |
-| 20  | `inject_shellcode`         | 注入并执行 Shellcode（仅 Windows）  |
-| 21  | `module_inject_shellcode`  | `inject_shellcode` 别名             |
-| 22  | `check_debug_port`         | 检查进程是否被调试                  |
-| 23  | `enumerate_modules`        | 列出所有已加载模块（DLL）及基址     |
-| 24  | `module_list`              | `enumerate_modules` 别名            |
-| 25  | `electron_attach`          | 通过 CDP 连接运行中的 Electron 应用 |
-
-> **平台说明：** 内存读写/扫描/转储支持 **Windows**（原生 API）和 **macOS**（lldb + vmmap）。注入工具需要 Windows 提权权限。
+<summary>进程枚举、内存诊断与审计导出、受控 DLL/Shellcode 注入、Electron 附加</summary>
+
+| #   | 工具                       | 说明                                                                   |
+| --- | -------------------------- | ---------------------------------------------------------------------- |
+| 1   | `process_find`             | 按名称模式查找进程                                                     |
+| 2   | `process_list`             | 列出所有运行进程                                                       |
+| 3   | `process_get`              | 获取特定进程详情                                                       |
+| 4   | `process_windows`          | 获取进程的所有窗口句柄                                                 |
+| 5   | `process_find_chromium`    | 按设计禁用；请改用受管浏览器会话                                       |
+| 6   | `process_check_debug_port` | 检查进程是否启用了调试端口                                             |
+| 7   | `process_launch_debug`     | 以远程调试端口启动可执行文件                                           |
+| 8   | `process_kill`             | 按 PID 结束进程                                                        |
+| 9   | `memory_read`              | 读取进程指定地址的内存；失败时返回 diagnostics                         |
+| 10  | `memory_write`             | 写入进程内存；失败时返回 diagnostics                                   |
+| 11  | `memory_scan`              | 按 hex/值模式扫描进程内存；失败时返回 diagnostics                      |
+| 12  | `memory_check_protection`  | 检查内存保护标志（R/W/X）                                              |
+| 13  | `memory_protect`           | `memory_check_protection` 别名                                         |
+| 14  | `memory_scan_filtered`     | 在已过滤地址集中二次扫描                                               |
+| 15  | `memory_batch_write`       | 批量写入多个内存补丁                                                   |
+| 16  | `memory_dump_region`       | 将内存区域转储为二进制文件                                             |
+| 17  | `memory_list_regions`      | 列出所有内存区域及保护标志                                             |
+| 18  | `memory_audit_export`      | 导出内存操作的内存内审计轨迹                                           |
+| 19  | `inject_dll`               | 默认关闭；需设置 `ENABLE_INJECTION_TOOLS=true` 后在 Windows 启用       |
+| 20  | `module_inject_dll`        | `inject_dll` 别名                                                      |
+| 21  | `inject_shellcode`         | 默认关闭；支持 hex/base64，需设置 `ENABLE_INJECTION_TOOLS=true` 后启用 |
+| 22  | `module_inject_shellcode`  | `inject_shellcode` 别名                                                |
+| 23  | `check_debug_port`         | 检查进程是否被调试                                                     |
+| 24  | `enumerate_modules`        | 列出所有已加载模块（DLL）及基址                                        |
+| 25  | `module_list`              | `enumerate_modules` 别名                                               |
+| 26  | `electron_attach`          | 通过 CDP 连接运行中的 Electron 应用                                    |
+
+> **平台说明：** 内存读写/扫描/转储支持 **Windows**（原生 API）和 **macOS**（lldb + vmmap）。`memory_read`、`memory_write`、`memory_scan` 失败时会返回结构化 `diagnostics`。注入工具默认关闭；需在 Windows 提权后通过 `ENABLE_INJECTION_TOOLS=true` 启用。
 
 </details>
 
@@ -690,6 +708,9 @@ MCP_TRANSPORT=http MCP_PORT=3000 jshook
 
 ### 元工具（8 个工具）
 
+<details>
+<summary>展开元工具清单</summary>
+
 | #   | 工具                | 说明                                                                                                                                                                                                                                                          |
 | --- | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | 1   | `search_tools`      | _(元工具)_ BM25 关键字搜索内置工具 + 已加载的插件/工作流工具；在 `workflow/full` 档位下，工作流域结果会获得额外排序加权。若已加载扩展 workflow，`run_extension_workflow` / `list_extension_workflows` 还会获得额外权重（尤其在注册/验证码/keygen 等意图下）。 |
@@ -701,8 +722,13 @@ MCP_TRANSPORT=http MCP_PORT=3000 jshook
 | 7   | `extensions_list`   | _(元工具)_ 列出当前已加载的 `plugins/` / `workflows/` 扩展                                                                                                                                                                                                    |
 | 8   | `extensions_reload` | _(元工具)_ 运行时重新扫描扩展目录并动态注册扩展工具                                                                                                                                                                                                           |
 
+</details>
+
 ### 动态扩展（plugins/workflows）
 
+<details>
+<summary>展开扩展根目录、信任策略与放置规范</summary>
+
 - 默认扩展根目录（全局，位于 jshook 安装目录下）：
   - `<jshook-install>/plugins`
   - `<jshook-install>/workflows`
@@ -750,6 +776,14 @@ MCP_TRANSPORT=http MCP_PORT=3000 jshook
 - `activate_domain` 只有在执行过 `extensions_reload` 后，才会包含扩展域。
 - reload 时会在可用情况下执行插件清理生命周期（`onDeactivate` → `onUnload`）。
 
+</details>
+
+## 免责声明
+
+- 进程内存修改、代码注入、流量重放等底层能力按现状提供，不附带适用性或结果保证。
+- 通过本地目录或 registry 加载的第三方插件、工作流与扩展，不属于本项目已审计、背书或担保的内容。
+- 是否启用这些内置变更能力或外部扩展，以及因此产生的运行、合规、安全、数据损失等后果，由使用者自行评估并承担。
+
 ## 生成产物与清理
 
 | 产物                   | 默认位置                                           | 生成工具                                                           |
@@ -803,8 +837,11 @@ pnpm run doctor
 
 ## 扩展模板
 
+> 这里说的是“开发扩展”的模板仓，不是主程序 `jshook` 的安装方式。普通使用者运行主程序，优先走上面的 `npx @jshookmcp/jshook`；只有在你要自己开发 plugin / workflow 时，才需要 clone 模板仓并本地 build。
+
 - 插件模板仓：`https://github.com/vmoranv/jshook_plugin_template`
 - 工作流模板仓：`https://github.com/vmoranv/jshook_workflow_template`
+- 想让自己的 plugin / workflow 被扩展 registry 收录：到 `https://github.com/vmoranv/jshookmcpextension/issues` 提 issue 申报
 
 ## 项目统计
 

package/dist/constants.d.ts

@@ -103,6 +103,7 @@ export declare const MEMORY_SCAN_MAX_RESULTS: number;
 export declare const MEMORY_SCAN_MAX_REGIONS: number;
 export declare const MEMORY_SCAN_REGION_MAX_BYTES: number;
 export declare const MEMORY_INJECT_TIMEOUT_MS: number;
+export declare const ENABLE_INJECTION_TOOLS: boolean;
 export declare const MEMORY_MONITOR_INTERVAL_MS: number;
 export declare const MEMORY_VMMAP_TIMEOUT_MS: number;
 export declare const MEMORY_PROTECTION_QUERY_TIMEOUT_MS: number;

package/dist/constants.js

@@ -12,6 +12,17 @@ const float = (key, fallback) => {
     const n = Number.parseFloat(v);
     return Number.isFinite(n) ? n : fallback;
 };
+const bool = (key, fallback) => {
+    const v = process.env[key];
+    if (v === undefined || v === '')
+        return fallback;
+    const normalized = v.trim().toLowerCase();
+    if (normalized === 'true' || normalized === '1')
+        return true;
+    if (normalized === 'false' || normalized === '0')
+        return false;
+    return fallback;
+};
 const str = (key, fallback) => process.env[key] || fallback;
 const list = (key, fallback) => {
     const v = process.env[key];
@@ -84,7 +95,7 @@ export const CAPTCHA_RESULT_TIMEOUT_MS = int('CAPTCHA_RESULT_TIMEOUT_MS', 10_000
 export const CAPTCHA_DEFAULT_TIMEOUT_MS = int('CAPTCHA_DEFAULT_TIMEOUT_MS', 180_000);
 export const CAPTCHA_MIN_TIMEOUT_MS = int('CAPTCHA_MIN_TIMEOUT_MS', 5_000);
 export const CAPTCHA_MAX_TIMEOUT_MS = int('CAPTCHA_MAX_TIMEOUT_MS', 600_000);
-export const CAPTCHA_MAX_RETRIES = int('CAPTCHA_MAX_RETRIES_MAX', 5);
+export const CAPTCHA_MAX_RETRIES = int('CAPTCHA_MAX_RETRIES', 5);
 export const CAPTCHA_DEFAULT_RETRIES = int('CAPTCHA_DEFAULT_RETRIES', 2);
 export const NETWORK_REPLAY_TIMEOUT_MS = int('NETWORK_REPLAY_TIMEOUT_MS', 30_000);
 export const NETWORK_REPLAY_MAX_BODY_BYTES = int('NETWORK_REPLAY_MAX_BODY_BYTES', 512_000);
@@ -137,6 +148,7 @@ export const MEMORY_SCAN_MAX_RESULTS = int('MEMORY_SCAN_MAX_RESULTS', 10_000);
 export const MEMORY_SCAN_MAX_REGIONS = int('MEMORY_SCAN_MAX_REGIONS', 50_000);
 export const MEMORY_SCAN_REGION_MAX_BYTES = int('MEMORY_SCAN_REGION_MAX_BYTES', 16_777_216);
 export const MEMORY_INJECT_TIMEOUT_MS = int('MEMORY_INJECT_TIMEOUT_MS', 30_000);
+export const ENABLE_INJECTION_TOOLS = bool('ENABLE_INJECTION_TOOLS', false);
 export const MEMORY_MONITOR_INTERVAL_MS = int('MEMORY_MONITOR_INTERVAL_MS', 1_000);
 export const MEMORY_VMMAP_TIMEOUT_MS = int('MEMORY_VMMAP_TIMEOUT_MS', 15_000);
 export const MEMORY_PROTECTION_QUERY_TIMEOUT_MS = int('MEMORY_PROTECTION_QUERY_TIMEOUT_MS', 15_000);

package/dist/modules/analyzer/IntelligentAnalyzer.js

@@ -69,32 +69,40 @@ export class IntelligentAnalyzer {
     }
     generateAIFriendlySummary(result) {
         const lines = [];
-        lines.push('===  ===\n');
-        lines.push(` :`);
+        lines.push('=== Analysis Summary ===');
+        lines.push('');
+        lines.push(`Statistics:`);
         lines.push(`  - Requests: ${result.summary.totalRequests} -> Filtered: ${result.summary.filteredRequests}`);
         lines.push(`  - Logs: ${result.summary.totalLogs} -> Filtered: ${result.summary.filteredLogs}`);
-        lines.push(`  - : ${result.exceptions.length}\n`);
+        lines.push(`  - Exceptions: ${result.exceptions.length}`);
+        lines.push('');
         if (result.summary.suspiciousAPIs.length > 0) {
-            lines.push(` API (${result.summary.suspiciousAPIs.length}):`);
+            lines.push(`Suspicious APIs (${result.summary.suspiciousAPIs.length}):`);
             result.summary.suspiciousAPIs.slice(0, 10).forEach((api) => {
                 lines.push(`  - ${api}`);
             });
             lines.push('');
         }
         if (result.patterns.encryption && result.patterns.encryption.length > 0) {
-            lines.push(`  (${result.patterns.encryption.length}):`);
+            lines.push(`Encryption Patterns (${result.patterns.encryption.length}):`);
             result.patterns.encryption.slice(0, 5).forEach((pattern) => {
-                lines.push(`  - ${pattern.type} (: ${(pattern.confidence * 100).toFixed(0)}%)`);
-                lines.push(`    : ${pattern.location}`);
-                lines.push(`    : ${pattern.evidence.join(', ')}`);
+                const evidence = Array.isArray(pattern.evidence)
+                    ? pattern.evidence.join(', ')
+                    : String(pattern.evidence ?? '');
+                lines.push(`  - ${pattern.type} (confidence: ${(pattern.confidence * 100).toFixed(0)}%)`);
+                lines.push(`    location: ${pattern.location}`);
+                lines.push(`    evidence: ${evidence}`);
             });
             lines.push('');
         }
         if (result.patterns.signature && result.patterns.signature.length > 0) {
             lines.push(`Signature Patterns (${result.patterns.signature.length}):`);
             result.patterns.signature.slice(0, 5).forEach((pattern) => {
+                const parameters = Array.isArray(pattern.parameters)
+                    ? pattern.parameters.join(', ')
+                    : String(pattern.parameters ?? '');
                 lines.push(`  - ${pattern.type}`);
-                lines.push(`    : ${pattern.parameters.join(', ')}`);
+                lines.push(`    parameters: ${parameters}`);
             });
             lines.push('');
         }
@@ -106,11 +114,11 @@ export class IntelligentAnalyzer {
             lines.push('');
         }
         if (result.summary.keyFunctions.length > 0) {
-            lines.push(`  (${result.summary.keyFunctions.length}):`);
+            lines.push(`Key Functions (${result.summary.keyFunctions.length}):`);
             lines.push(`  ${result.summary.keyFunctions.slice(0, 15).join(', ')}`);
             lines.push('');
         }
-        lines.push('===  ===');
+        lines.push('=== Analysis Summary ===');
         return lines.join('\n');
     }
     async analyzeCriticalRequestsWithLLM(requests) {

package/dist/modules/browser/BrowserModeManager.d.ts

@@ -10,19 +10,24 @@ export declare class BrowserModeManager {
     private browser;
     private currentPage;
     private isHeadless;
+    private isClosing;
+    private launchPromise?;
     private config;
     private captchaDetector;
     private launchOptions;
     private sessionData;
     constructor(config?: BrowserModeConfig, launchOptions?: LaunchOptions);
     launch(): Promise<Browser>;
+    private doLaunch;
     private resolveExecutablePath;
     newPage(): Promise<Page>;
+    private finalizeClose;
     goto(url: string, page?: Page): Promise<Page>;
     checkAndHandleCaptcha(page: Page, originalUrl: string): Promise<void>;
     private switchToHeaded;
     private showCaptchaPrompt;
     private saveSessionData;
+    private restoreSessionData;
     private injectAntiDetectionScripts;
     close(): Promise<void>;
     getBrowser(): Browser | null;