@secure-exec/browser 0.0.0-agentos-dylib-base.edaa4a4

package/dist/worker.js

@@ -0,0 +1,2125 @@
+import { hmac as nobleHmac } from "@noble/hashes/hmac.js";
+import { cbc as nobleAesCbc, ctr as nobleAesCtr, gcm as nobleAesGcm } from "@noble/ciphers/aes.js";
+import { md5, sha1 } from "@noble/hashes/legacy.js";
+import { pbkdf2 as noblePbkdf2 } from "@noble/hashes/pbkdf2.js";
+import { sha224, sha256, sha384, sha512 } from "@noble/hashes/sha2.js";
+import { scrypt as nobleScrypt } from "@noble/hashes/scrypt.js";
+import { transform } from "sucrase";
+import { createBrowserNetworkAdapter } from "./driver.js";
+import { base64ToBytes, toUint8Array } from "./encoding.js";
+import { validatePermissionSource } from "./permission-validation.js";
+import { defaultSignalExitCode, signalNumberForEvent } from "./signals.js";
+import { createNetworkStub, exposeCustomGlobal, exposeMutableRuntimeStateGlobal, filterEnv, getIsolateRuntimeSource, getRequireSetupCode, isESM, POLYFILL_CODE_MAP, transformDynamicImport, wrapNetworkAdapter, } from "./runtime.js";
+import { assertBrowserSyncBridgeSupport, SYNC_BRIDGE_KIND_BINARY, SYNC_BRIDGE_KIND_JSON, SYNC_BRIDGE_KIND_NONE, SYNC_BRIDGE_KIND_TEXT, SYNC_BRIDGE_SIGNAL_KIND_INDEX, SYNC_BRIDGE_SIGNAL_LENGTH_INDEX, SYNC_BRIDGE_SIGNAL_STATE_IDLE, SYNC_BRIDGE_SIGNAL_STATE_INDEX, SYNC_BRIDGE_SIGNAL_STATUS_INDEX, SYNC_BRIDGE_STATUS_ERROR, } from "./sync-bridge.js";
+let networkAdapter = null;
+let permissions;
+let initialized = false;
+let controlToken = null;
+let runtimeTimingMitigation = "freeze";
+let runtimeProcessConfig = null;
+let activeProcessRequestId = null;
+let activeExecutionId = null;
+let activeCaptureStdio = false;
+let activeSyncBridge = null;
+const pendingExecutionSignals = new Map();
+const dynamicImportCache = new Map();
+const MAX_ERROR_MESSAGE_CHARS = 8192;
+const MAX_STDIO_MESSAGE_CHARS = 8192;
+// Payload size defaults matching the Node runtime path
+const DEFAULT_BASE64_TRANSFER_BYTES = 16 * 1024 * 1024;
+const DEFAULT_JSON_PAYLOAD_BYTES = 4 * 1024 * 1024;
+const PAYLOAD_LIMIT_ERROR_CODE = "ERR_SANDBOX_PAYLOAD_TOO_LARGE";
+const DEFAULT_SCRYPT_COST = 16_384;
+const DEFAULT_SCRYPT_BLOCK_SIZE = 8;
+const DEFAULT_SCRYPT_PARALLELIZATION = 1;
+let base64TransferLimitBytes = DEFAULT_BASE64_TRANSFER_BYTES;
+let jsonPayloadLimitBytes = DEFAULT_JSON_PAYLOAD_BYTES;
+const encoder = new TextEncoder();
+const decoder = new TextDecoder();
+// biome-ignore lint/security/noGlobalEval: the browser worker intentionally evaluates isolated runtime source strings.
+const globalEval = eval;
+const SHARED_ARRAY_BUFFER_FREEZE_KEYS = [
+    "byteLength",
+    "slice",
+    "grow",
+    "maxByteLength",
+    "growable",
+];
+const timingGlobals = {
+    captured: false,
+    sharedArrayBufferPrototypeDescriptors: new Map(),
+};
+function getUtf8ByteLength(text) {
+    return encoder.encode(text).byteLength;
+}
+function getRequiredControlToken() {
+    if (!controlToken) {
+        throw new Error("Browser runtime worker control channel is not initialized");
+    }
+    return controlToken;
+}
+function captureTimingGlobals() {
+    if (timingGlobals.captured) {
+        return;
+    }
+    timingGlobals.captured = true;
+    timingGlobals.dateDescriptor = Object.getOwnPropertyDescriptor(globalThis, "Date");
+    timingGlobals.dateValue = globalThis.Date;
+    timingGlobals.performanceDescriptor = Object.getOwnPropertyDescriptor(globalThis, "performance");
+    timingGlobals.performanceValue = globalThis.performance;
+    timingGlobals.sharedArrayBufferDescriptor = Object.getOwnPropertyDescriptor(globalThis, "SharedArrayBuffer");
+    timingGlobals.sharedArrayBufferValue = globalThis.SharedArrayBuffer;
+    const sharedArrayBufferCtor = globalThis.SharedArrayBuffer;
+    if (typeof sharedArrayBufferCtor !== "function") {
+        return;
+    }
+    const prototype = sharedArrayBufferCtor.prototype;
+    for (const key of SHARED_ARRAY_BUFFER_FREEZE_KEYS) {
+        timingGlobals.sharedArrayBufferPrototypeDescriptors.set(key, Object.getOwnPropertyDescriptor(prototype, key));
+    }
+}
+function restoreGlobalProperty(name, descriptor) {
+    if (descriptor) {
+        try {
+            Object.defineProperty(globalThis, name, descriptor);
+            return;
+        }
+        catch {
+            if ("value" in descriptor) {
+                globalThis[name] = descriptor.value;
+                return;
+            }
+        }
+    }
+    Reflect.deleteProperty(globalThis, name);
+}
+function restoreSharedArrayBufferPrototype() {
+    const sharedArrayBufferCtor = timingGlobals.sharedArrayBufferValue;
+    if (typeof sharedArrayBufferCtor !== "function") {
+        return;
+    }
+    const prototype = sharedArrayBufferCtor.prototype;
+    for (const key of SHARED_ARRAY_BUFFER_FREEZE_KEYS) {
+        const descriptor = timingGlobals.sharedArrayBufferPrototypeDescriptors.get(key);
+        try {
+            if (descriptor) {
+                Object.defineProperty(prototype, key, descriptor);
+            }
+            else {
+                delete prototype[key];
+            }
+        }
+        catch {
+            // Ignore non-configurable SharedArrayBuffer prototype properties.
+        }
+    }
+}
+function restoreTimingMitigationOff() {
+    captureTimingGlobals();
+    restoreGlobalProperty("Date", timingGlobals.dateDescriptor);
+    restoreGlobalProperty("performance", timingGlobals.performanceDescriptor);
+    restoreSharedArrayBufferPrototype();
+    restoreGlobalProperty("SharedArrayBuffer", timingGlobals.sharedArrayBufferDescriptor);
+    if (typeof globalThis.performance === "undefined" ||
+        globalThis.performance === null) {
+        Object.defineProperty(globalThis, "performance", {
+            value: {
+                now: () => Date.now(),
+            },
+            configurable: true,
+            writable: true,
+        });
+    }
+}
+function applyTimingMitigation(timingMitigation, frozenTimeMs) {
+    captureTimingGlobals();
+    restoreTimingMitigationOff();
+    if (timingMitigation !== "freeze") {
+        return undefined;
+    }
+    const frozenTimeValue = typeof frozenTimeMs === "number" && Number.isFinite(frozenTimeMs)
+        ? Math.trunc(frozenTimeMs)
+        : Date.now();
+    const originalDate = timingGlobals.dateValue ?? timingGlobals.dateDescriptor?.value ?? Date;
+    const frozenDateNow = () => frozenTimeValue;
+    const FrozenDate = function (...args) {
+        if (new.target) {
+            if (args.length === 0) {
+                return new originalDate(frozenTimeValue);
+            }
+            return new originalDate(...args);
+        }
+        return originalDate();
+    };
+    Object.defineProperty(FrozenDate, "prototype", {
+        value: originalDate.prototype,
+        writable: false,
+        configurable: false,
+    });
+    Object.defineProperty(FrozenDate, "now", {
+        value: frozenDateNow,
+        configurable: true,
+        writable: false,
+    });
+    FrozenDate.parse = originalDate.parse;
+    FrozenDate.UTC = originalDate.UTC;
+    try {
+        Object.defineProperty(globalThis, "Date", {
+            value: FrozenDate,
+            configurable: true,
+            writable: false,
+        });
+    }
+    catch {
+        globalThis.Date = FrozenDate;
+    }
+    const frozenPerformance = Object.create(null);
+    const originalPerformance = timingGlobals.performanceValue;
+    if (typeof originalPerformance !== "undefined" &&
+        originalPerformance !== null) {
+        const source = originalPerformance;
+        for (const key of Object.getOwnPropertyNames(Object.getPrototypeOf(originalPerformance) ?? originalPerformance)) {
+            if (key === "now") {
+                continue;
+            }
+            try {
+                const value = source[key];
+                frozenPerformance[key] =
+                    typeof value === "function" ? value.bind(originalPerformance) : value;
+            }
+            catch {
+                // Ignore performance accessors that throw in this host.
+            }
+        }
+    }
+    Object.defineProperty(frozenPerformance, "now", {
+        value: () => 0,
+        configurable: true,
+        writable: false,
+    });
+    Object.freeze(frozenPerformance);
+    try {
+        Object.defineProperty(globalThis, "performance", {
+            value: frozenPerformance,
+            configurable: true,
+            writable: false,
+        });
+    }
+    catch {
+        globalThis.performance = frozenPerformance;
+    }
+    const sharedArrayBufferCtor = timingGlobals.sharedArrayBufferValue;
+    if (typeof sharedArrayBufferCtor === "function") {
+        const prototype = sharedArrayBufferCtor.prototype;
+        for (const key of SHARED_ARRAY_BUFFER_FREEZE_KEYS) {
+            try {
+                Object.defineProperty(prototype, key, {
+                    get() {
+                        throw new TypeError("SharedArrayBuffer is not available in sandbox");
+                    },
+                    configurable: true,
+                });
+            }
+            catch {
+                // Ignore non-configurable SharedArrayBuffer prototype properties.
+            }
+        }
+    }
+    try {
+        Object.defineProperty(globalThis, "SharedArrayBuffer", {
+            value: undefined,
+            configurable: true,
+            writable: false,
+            enumerable: false,
+        });
+    }
+    catch {
+        Reflect.deleteProperty(globalThis, "SharedArrayBuffer");
+    }
+    return frozenTimeValue;
+}
+function assertPayloadByteLength(payloadLabel, actualBytes, maxBytes) {
+    if (actualBytes <= maxBytes)
+        return;
+    const error = new Error(`[${PAYLOAD_LIMIT_ERROR_CODE}] ${payloadLabel}: payload is ${actualBytes} bytes, limit is ${maxBytes} bytes`);
+    error.code = PAYLOAD_LIMIT_ERROR_CODE;
+    throw error;
+}
+function assertTextPayloadSize(payloadLabel, text, maxBytes) {
+    assertPayloadByteLength(payloadLabel, getUtf8ByteLength(text), maxBytes);
+}
+function parseScryptOptions(value) {
+    if (value == null)
+        return {};
+    if (typeof value === "string") {
+        const parsed = JSON.parse(value);
+        return typeof parsed === "object" && parsed !== null
+            ? parsed
+            : {};
+    }
+    return typeof value === "object" ? value : {};
+}
+function normalizeScryptPositiveInteger(value, fallback, label) {
+    const normalized = value == null ? fallback : Number(value);
+    if (!Number.isInteger(normalized) || normalized <= 0) {
+        throw new Error(`crypto.scrypt ${label} must be a positive integer`);
+    }
+    return normalized;
+}
+function normalizeScryptOptions(value, keyLength) {
+    const options = parseScryptOptions(value);
+    const length = Number(keyLength);
+    if (!Number.isInteger(length) || length < 0) {
+        throw new Error("crypto.scrypt key length must be a non-negative integer");
+    }
+    const cost = normalizeScryptPositiveInteger(options.cost ?? options.N, DEFAULT_SCRYPT_COST, "cost");
+    if ((cost & (cost - 1)) !== 0) {
+        throw new Error("crypto.scrypt cost must be a positive power of two");
+    }
+    return {
+        N: cost,
+        r: normalizeScryptPositiveInteger(options.blockSize ?? options.r, DEFAULT_SCRYPT_BLOCK_SIZE, "block size"),
+        p: normalizeScryptPositiveInteger(options.parallelization ?? options.p, DEFAULT_SCRYPT_PARALLELIZATION, "parallelization"),
+        dkLen: length,
+    };
+}
+const BROWSER_CRYPTO_HASHES = {
+    md5,
+    sha1,
+    sha224,
+    sha256,
+    sha384,
+    sha512,
+};
+function normalizeCryptoHashName(algorithm) {
+    const normalized = String(algorithm).trim().toLowerCase().replace(/[-_]/g, "");
+    if (Object.hasOwn(BROWSER_CRYPTO_HASHES, normalized)) {
+        return normalized;
+    }
+    throw new Error(`Unsupported browser crypto digest algorithm: ${algorithm}`);
+}
+const RSA_PKCS1_DIGEST_PREFIXES = {
+    md5: "3020300c06082a864886f70d020505000410",
+    sha1: "3021300906052b0e03021a05000414",
+    sha224: "302d300d06096086480165030402040500041c",
+    sha256: "3031300d060960864801650304020105000420",
+    sha384: "3041300d060960864801650304020205000430",
+    sha512: "3051300d060960864801650304020305000440",
+};
+function browserCryptoHash(algorithm) {
+    return BROWSER_CRYPTO_HASHES[normalizeCryptoHashName(algorithm)];
+}
+function hashDigestBytes(algorithm, data) {
+    return browserCryptoHash(algorithm)(toUint8Array(data));
+}
+function hmacDigestBytes(algorithm, key, data) {
+    return nobleHmac(browserCryptoHash(algorithm), toUint8Array(key), toUint8Array(data));
+}
+function normalizeSignatureHashName(algorithm) {
+    const normalized = String(algorithm)
+        .trim()
+        .toLowerCase()
+        .replace(/^rsa[-_]/, "");
+    return normalizeCryptoHashName(normalized);
+}
+function bytesToHex(bytes) {
+    return Array.from(bytes, (byte) => byte.toString(16).padStart(2, "0")).join("");
+}
+function hexToBytes(hex) {
+    const out = new Uint8Array(hex.length / 2);
+    for (let index = 0; index < out.length; index++) {
+        out[index] = Number.parseInt(hex.slice(index * 2, index * 2 + 2), 16);
+    }
+    return out;
+}
+function concatBytes(chunks) {
+    const total = chunks.reduce((sum, chunk) => sum + chunk.byteLength, 0);
+    const out = new Uint8Array(total);
+    let offset = 0;
+    for (const chunk of chunks) {
+        out.set(chunk, offset);
+        offset += chunk.byteLength;
+    }
+    return out;
+}
+function pemToDerBytes(value) {
+    let pem;
+    if (typeof value === "string") {
+        try {
+            const parsed = JSON.parse(value);
+            pem = typeof parsed === "string" ? parsed : value;
+        }
+        catch {
+            pem = value;
+        }
+    }
+    else if (value && typeof value === "object" && "key" in value) {
+        return pemToDerBytes(value.key);
+    }
+    else {
+        throw new Error("Browser crypto RSA key must be a PEM string");
+    }
+    const base64 = pem.replace(/-----BEGIN [^-]+-----|-----END [^-]+-----|\s+/g, "");
+    return base64ToBytes(base64);
+}
+class DerReader {
+    bytes;
+    offset = 0;
+    constructor(bytes) {
+        this.bytes = bytes;
+    }
+    get position() {
+        return this.offset;
+    }
+    set position(value) {
+        this.offset = value;
+    }
+    readTag(expected) {
+        const tag = this.bytes[this.offset++];
+        if (tag !== expected) {
+            throw new Error(`Invalid RSA key DER tag: expected ${expected}, got ${tag}`);
+        }
+        const length = this.readLength();
+        const end = this.offset + length;
+        if (end > this.bytes.byteLength) {
+            throw new Error("Invalid RSA key DER length");
+        }
+        const value = this.bytes.subarray(this.offset, end);
+        this.offset = end;
+        return value;
+    }
+    readSequence() {
+        return new DerReader(this.readTag(0x30));
+    }
+    readInteger() {
+        let value = this.readTag(0x02);
+        while (value.byteLength > 1 && value[0] === 0) {
+            value = value.subarray(1);
+        }
+        return value;
+    }
+    readOctetString() {
+        return this.readTag(0x04);
+    }
+    readBitString() {
+        const value = this.readTag(0x03);
+        if (value[0] !== 0) {
+            throw new Error("Unsupported RSA key bit string padding");
+        }
+        return value.subarray(1);
+    }
+    skipAny() {
+        const tag = this.bytes[this.offset++];
+        if (tag == null) {
+            throw new Error("Invalid RSA key DER");
+        }
+        const length = this.readLength();
+        this.offset += length;
+        if (this.offset > this.bytes.byteLength) {
+            throw new Error("Invalid RSA key DER length");
+        }
+    }
+    readLength() {
+        const first = this.bytes[this.offset++];
+        if (first == null) {
+            throw new Error("Invalid RSA key DER length");
+        }
+        if ((first & 0x80) === 0) {
+            return first;
+        }
+        const lengthBytes = first & 0x7f;
+        if (lengthBytes === 0 || lengthBytes > 4) {
+            throw new Error("Unsupported RSA key DER length");
+        }
+        let length = 0;
+        for (let index = 0; index < lengthBytes; index++) {
+            length = (length << 8) | this.bytes[this.offset++];
+        }
+        return length;
+    }
+}
+function bytesToBigInt(bytes) {
+    const hex = bytesToHex(bytes);
+    return hex.length === 0 ? 0n : BigInt(`0x${hex}`);
+}
+function bigIntToBytes(value, length) {
+    let hex = value.toString(16);
+    if (hex.length % 2 !== 0) {
+        hex = `0${hex}`;
+    }
+    const bytes = hexToBytes(hex);
+    if (bytes.byteLength > length) {
+        throw new Error("RSA value exceeds modulus length");
+    }
+    const out = new Uint8Array(length);
+    out.set(bytes, length - bytes.byteLength);
+    return out;
+}
+function modPow(base, exponent, modulus) {
+    let result = 1n;
+    let factor = base % modulus;
+    let power = exponent;
+    while (power > 0n) {
+        if ((power & 1n) === 1n) {
+            result = (result * factor) % modulus;
+        }
+        factor = (factor * factor) % modulus;
+        power >>= 1n;
+    }
+    return result;
+}
+function readRsaPublicKeyFromSequence(reader) {
+    const modulusBytes = reader.readInteger();
+    const exponentBytes = reader.readInteger();
+    return {
+        modulus: bytesToBigInt(modulusBytes),
+        exponent: bytesToBigInt(exponentBytes),
+        modulusLength: modulusBytes.byteLength,
+    };
+}
+function parseRsaPublicKey(key) {
+    const der = pemToDerBytes(key);
+    const outer = new DerReader(der).readSequence();
+    outer.skipAny();
+    const publicKey = new DerReader(outer.readBitString()).readSequence();
+    return readRsaPublicKeyFromSequence(publicKey);
+}
+function parseRsaPrivateKey(key) {
+    const der = pemToDerBytes(key);
+    const outer = new DerReader(der).readSequence();
+    outer.skipAny();
+    outer.skipAny();
+    const privateKey = new DerReader(outer.readOctetString()).readSequence();
+    privateKey.skipAny();
+    const modulusBytes = privateKey.readInteger();
+    privateKey.skipAny();
+    const privateExponentBytes = privateKey.readInteger();
+    return {
+        modulus: bytesToBigInt(modulusBytes),
+        exponent: bytesToBigInt(privateExponentBytes),
+        modulusLength: modulusBytes.byteLength,
+    };
+}
+function rsaPkcs1DigestInfo(algorithm, data) {
+    const hashName = normalizeSignatureHashName(algorithm);
+    const digest = hashDigestBytes(hashName, data);
+    return {
+        hashName,
+        encoded: concatBytes([hexToBytes(RSA_PKCS1_DIGEST_PREFIXES[hashName]), digest]),
+    };
+}
+function rsaPkcs1EncodeDigestInfo(hashName, digestInfo, length) {
+    const minimumLength = digestInfo.byteLength + 11;
+    if (length < minimumLength) {
+        throw new Error(`RSA key is too small for ${hashName} signature`);
+    }
+    const out = new Uint8Array(length);
+    out[0] = 0;
+    out[1] = 1;
+    out.fill(0xff, 2, length - digestInfo.byteLength - 1);
+    out[length - digestInfo.byteLength - 1] = 0;
+    out.set(digestInfo, length - digestInfo.byteLength);
+    return out;
+}
+function browserRsaSign(algorithm, data, key) {
+    const privateKey = parseRsaPrivateKey(key);
+    const { hashName, encoded } = rsaPkcs1DigestInfo(algorithm, data);
+    const padded = rsaPkcs1EncodeDigestInfo(hashName, encoded, privateKey.modulusLength);
+    const signature = modPow(bytesToBigInt(padded), privateKey.exponent, privateKey.modulus);
+    return bigIntToBytes(signature, privateKey.modulusLength);
+}
+function browserRsaVerify(algorithm, data, key, signatureValue) {
+    const publicKey = parseRsaPublicKey(key);
+    const signature = toUint8Array(signatureValue);
+    if (signature.byteLength !== publicKey.modulusLength) {
+        return false;
+    }
+    const { hashName, encoded } = rsaPkcs1DigestInfo(algorithm, data);
+    const expected = rsaPkcs1EncodeDigestInfo(hashName, encoded, publicKey.modulusLength);
+    const actual = bigIntToBytes(modPow(bytesToBigInt(signature), publicKey.exponent, publicKey.modulus), publicKey.modulusLength);
+    if (actual.byteLength !== expected.byteLength) {
+        return false;
+    }
+    let diff = 0;
+    for (let index = 0; index < expected.byteLength; index++) {
+        diff |= actual[index] ^ expected[index];
+    }
+    return diff === 0;
+}
+const BROWSER_RSA_PKCS1_PADDING = 1;
+const BROWSER_RSA_PKCS1_OAEP_PADDING = 4;
+function normalizeRsaAsymmetricOptions(value) {
+    if (value == null)
+        return {};
+    if (typeof value === "string") {
+        const parsed = JSON.parse(value);
+        return parsed && typeof parsed === "object"
+            ? parsed
+            : {};
+    }
+    return typeof value === "object" ? value : {};
+}
+function randomNonZeroBytes(length) {
+    const bytes = new Uint8Array(length);
+    const crypto = globalThis.crypto;
+    if (!crypto?.getRandomValues) {
+        throw new Error("Browser runtime crypto requires getRandomValues support");
+    }
+    let offset = 0;
+    while (offset < length) {
+        const candidate = new Uint8Array(length - offset);
+        crypto.getRandomValues(candidate);
+        for (const byte of candidate) {
+            if (byte !== 0) {
+                bytes[offset++] = byte;
+                if (offset === length)
+                    break;
+            }
+        }
+    }
+    return bytes;
+}
+function xorBytes(left, right) {
+    if (left.byteLength !== right.byteLength) {
+        throw new Error("RSA OAEP mask length mismatch");
+    }
+    const out = new Uint8Array(left.byteLength);
+    for (let index = 0; index < out.byteLength; index++) {
+        out[index] = left[index] ^ right[index];
+    }
+    return out;
+}
+function mgf1(seed, length, hashName) {
+    const chunks = [];
+    let counter = 0;
+    let remaining = length;
+    while (remaining > 0) {
+        const counterBytes = new Uint8Array([
+            (counter >>> 24) & 0xff,
+            (counter >>> 16) & 0xff,
+            (counter >>> 8) & 0xff,
+            counter & 0xff,
+        ]);
+        const digest = hashDigestBytes(hashName, concatBytes([seed, counterBytes]));
+        chunks.push(digest.subarray(0, Math.min(remaining, digest.byteLength)));
+        remaining -= digest.byteLength;
+        counter++;
+    }
+    return concatBytes(chunks).subarray(0, length);
+}
+function normalizeOaepHashName(value) {
+    return value == null ? "sha1" : normalizeCryptoHashName(value);
+}
+function rsaEncryptPkcs1(key, data) {
+    const paddingLength = key.modulusLength - data.byteLength - 3;
+    if (paddingLength < 8) {
+        throw new Error("RSA_PKCS1_PADDING input is too large for key size");
+    }
+    const encoded = concatBytes([
+        new Uint8Array([0, 2]),
+        randomNonZeroBytes(paddingLength),
+        new Uint8Array([0]),
+        data,
+    ]);
+    const encrypted = modPow(bytesToBigInt(encoded), key.exponent, key.modulus);
+    return bigIntToBytes(encrypted, key.modulusLength);
+}
+function rsaDecryptPkcs1(key, encrypted) {
+    if (encrypted.byteLength !== key.modulusLength) {
+        throw new Error("RSA_PKCS1_PADDING encrypted input has invalid length");
+    }
+    const encoded = bigIntToBytes(modPow(bytesToBigInt(encrypted), key.exponent, key.modulus), key.modulusLength);
+    if (encoded[0] !== 0 || encoded[1] !== 2) {
+        throw new Error("RSA_PKCS1_PADDING block is invalid");
+    }
+    let separator = -1;
+    for (let index = 2; index < encoded.byteLength; index++) {
+        if (encoded[index] === 0) {
+            separator = index;
+            break;
+        }
+    }
+    if (separator < 10) {
+        throw new Error("RSA_PKCS1_PADDING block is invalid");
+    }
+    return encoded.subarray(separator + 1);
+}
+function rsaEncryptOaep(key, data, options) {
+    const hashName = normalizeOaepHashName(options.oaepHash);
+    const label = optionalBytes(options.oaepLabel);
+    const hash = browserCryptoHash(hashName);
+    const hLen = hash.outputLen;
+    const maxMessageLength = key.modulusLength - 2 * hLen - 2;
+    if (data.byteLength > maxMessageLength) {
+        throw new Error("RSA_PKCS1_OAEP_PADDING input is too large for key size");
+    }
+    const lHash = hash(label);
+    const ps = new Uint8Array(maxMessageLength - data.byteLength);
+    const db = concatBytes([lHash, ps, new Uint8Array([1]), data]);
+    const seed = new Uint8Array(hLen);
+    if (!globalThis.crypto?.getRandomValues) {
+        throw new Error("Browser runtime crypto requires getRandomValues support");
+    }
+    globalThis.crypto.getRandomValues(seed);
+    const dbMask = mgf1(seed, key.modulusLength - hLen - 1, hashName);
+    const maskedDb = xorBytes(db, dbMask);
+    const seedMask = mgf1(maskedDb, hLen, hashName);
+    const maskedSeed = xorBytes(seed, seedMask);
+    const encoded = concatBytes([new Uint8Array([0]), maskedSeed, maskedDb]);
+    const encrypted = modPow(bytesToBigInt(encoded), key.exponent, key.modulus);
+    return bigIntToBytes(encrypted, key.modulusLength);
+}
+function rsaDecryptOaep(key, encrypted, options) {
+    if (encrypted.byteLength !== key.modulusLength) {
+        throw new Error("RSA_PKCS1_OAEP_PADDING encrypted input has invalid length");
+    }
+    const hashName = normalizeOaepHashName(options.oaepHash);
+    const label = optionalBytes(options.oaepLabel);
+    const hash = browserCryptoHash(hashName);
+    const hLen = hash.outputLen;
+    if (key.modulusLength < 2 * hLen + 2) {
+        throw new Error("RSA key is too small for OAEP");
+    }
+    const encoded = bigIntToBytes(modPow(bytesToBigInt(encrypted), key.exponent, key.modulus), key.modulusLength);
+    const maskedSeed = encoded.subarray(1, 1 + hLen);
+    const maskedDb = encoded.subarray(1 + hLen);
+    const seedMask = mgf1(maskedDb, hLen, hashName);
+    const seed = xorBytes(maskedSeed, seedMask);
+    const dbMask = mgf1(seed, key.modulusLength - hLen - 1, hashName);
+    const db = xorBytes(maskedDb, dbMask);
+    const lHash = hash(label);
+    let diff = encoded[0];
+    for (let index = 0; index < hLen; index++) {
+        diff |= db[index] ^ lHash[index];
+    }
+    let separator = -1;
+    for (let index = hLen; index < db.byteLength; index++) {
+        if (separator === -1 && db[index] === 1) {
+            separator = index;
+            break;
+        }
+        if (db[index] !== 0) {
+            diff |= db[index];
+        }
+    }
+    if (diff !== 0 || separator === -1) {
+        throw new Error("RSA_PKCS1_OAEP_PADDING block is invalid");
+    }
+    return db.subarray(separator + 1);
+}
+function browserRsaAsymmetricOp(operation, keyValue, dataValue, optionsValue) {
+    const operationName = String(operation);
+    const options = normalizeRsaAsymmetricOptions(optionsValue);
+    const padding = options.padding == null
+        ? BROWSER_RSA_PKCS1_OAEP_PADDING
+        : Number(options.padding);
+    const data = toUint8Array(dataValue);
+    if (operationName === "publicEncrypt") {
+        const publicKey = parseRsaPublicKey(keyValue);
+        if (padding === BROWSER_RSA_PKCS1_PADDING) {
+            return rsaEncryptPkcs1(publicKey, data);
+        }
+        if (padding === BROWSER_RSA_PKCS1_OAEP_PADDING) {
+            return rsaEncryptOaep(publicKey, data, options);
+        }
+    }
+    if (operationName === "privateDecrypt") {
+        const privateKey = parseRsaPrivateKey(keyValue);
+        if (padding === BROWSER_RSA_PKCS1_PADDING) {
+            return rsaDecryptPkcs1(privateKey, data);
+        }
+        if (padding === BROWSER_RSA_PKCS1_OAEP_PADDING) {
+            return rsaDecryptOaep(privateKey, data, options);
+        }
+    }
+    throw new Error(`Unsupported browser RSA asymmetric operation: ${operationName}`);
+}
+function pbkdf2Bytes(password, salt, iterations, keyLength, algorithm) {
+    const normalizedIterations = Number(iterations);
+    if (!Number.isInteger(normalizedIterations) || normalizedIterations <= 0) {
+        throw new Error("crypto.pbkdf2 iterations must be greater than zero");
+    }
+    const length = Number(keyLength);
+    if (!Number.isInteger(length) || length < 0) {
+        throw new Error("crypto.pbkdf2 key length must be a non-negative integer");
+    }
+    return noblePbkdf2(browserCryptoHash(algorithm), toUint8Array(password), toUint8Array(salt), { c: normalizedIterations, dkLen: length });
+}
+function normalizeBrowserAesAlgorithm(algorithm) {
+    const normalized = String(algorithm).toLowerCase();
+    const match = /^aes-(128|192|256)-(cbc|ctr|gcm)$/.exec(normalized);
+    if (!match) {
+        throw new Error(`Unsupported browser crypto cipher: ${algorithm}`);
+    }
+    return {
+        keyLength: Number(match[1]) / 8,
+        mode: match[2],
+    };
+}
+function normalizeBrowserCipherivOptions(optionsJson) {
+    if (optionsJson == null)
+        return {};
+    if (typeof optionsJson === "string") {
+        const parsed = JSON.parse(optionsJson);
+        return parsed && typeof parsed === "object"
+            ? parsed
+            : {};
+    }
+    return typeof optionsJson === "object"
+        ? optionsJson
+        : {};
+}
+function optionalBytes(value) {
+    return value == null ? new Uint8Array(0) : toUint8Array(value);
+}
+function assertAesInputLengths(algorithm, key, iv, mode, keyLength) {
+    if (key.byteLength !== keyLength) {
+        throw new Error(`Invalid key length for ${String(algorithm)}: expected ${keyLength} bytes, got ${key.byteLength}`);
+    }
+    if ((mode === "cbc" || mode === "ctr") && iv.byteLength !== 16) {
+        throw new Error(`Invalid IV length for ${String(algorithm)}: expected 16 bytes, got ${iv.byteLength}`);
+    }
+    if (mode === "gcm" && iv.byteLength < 8) {
+        throw new Error(`Invalid IV length for ${String(algorithm)}: expected at least 8 bytes, got ${iv.byteLength}`);
+    }
+}
+function browserCipheriv(algorithm, keyValue, ivValue, dataValue, optionsJson) {
+    const { mode, keyLength } = normalizeBrowserAesAlgorithm(algorithm);
+    const key = toUint8Array(keyValue);
+    const iv = toUint8Array(ivValue);
+    const data = toUint8Array(dataValue);
+    const options = normalizeBrowserCipherivOptions(optionsJson);
+    assertAesInputLengths(algorithm, key, iv, mode, keyLength);
+    if (mode === "cbc") {
+        return nobleAesCbc(key, iv, {
+            disablePadding: options.autoPadding === false,
+        }).encrypt(data);
+    }
+    if (mode === "ctr") {
+        return nobleAesCtr(key, iv).encrypt(data);
+    }
+    const encrypted = nobleAesGcm(key, iv, optionalBytes(options.aad)).encrypt(data);
+    const tagLength = nobleAesGcm.tagLength;
+    const ciphertextLength = encrypted.byteLength - tagLength;
+    const out = new Uint8Array(encrypted.byteLength);
+    out.set(encrypted.subarray(0, ciphertextLength), 0);
+    out.set(encrypted.subarray(ciphertextLength), ciphertextLength);
+    return out;
+}
+function browserDecipheriv(algorithm, keyValue, ivValue, dataValue, optionsJson) {
+    const { mode, keyLength } = normalizeBrowserAesAlgorithm(algorithm);
+    const key = toUint8Array(keyValue);
+    const iv = toUint8Array(ivValue);
+    const data = toUint8Array(dataValue);
+    const options = normalizeBrowserCipherivOptions(optionsJson);
+    assertAesInputLengths(algorithm, key, iv, mode, keyLength);
+    if (mode === "cbc") {
+        return nobleAesCbc(key, iv, {
+            disablePadding: options.autoPadding === false,
+        }).decrypt(data);
+    }
+    if (mode === "ctr") {
+        return nobleAesCtr(key, iv).decrypt(data);
+    }
+    const authTag = optionalBytes(options.authTag);
+    if (authTag.byteLength === 0) {
+        throw new Error(`Missing auth tag for ${String(algorithm)} decipher`);
+    }
+    const combined = new Uint8Array(data.byteLength + authTag.byteLength);
+    combined.set(data, 0);
+    combined.set(authTag, data.byteLength);
+    return nobleAesGcm(key, iv, optionalBytes(options.aad)).decrypt(combined);
+}
+function unsupportedBrowserCrypto(operation) {
+    const error = new Error(`ERR_UNSUPPORTED_BROWSER_CRYPTO: node:crypto ${operation} is not implemented in the browser runtime yet`);
+    error.code = "ERR_UNSUPPORTED_BROWSER_CRYPTO";
+    throw error;
+}
+function boundErrorMessage(message) {
+    if (message.length <= MAX_ERROR_MESSAGE_CHARS) {
+        return message;
+    }
+    return `${message.slice(0, MAX_ERROR_MESSAGE_CHARS)}...[Truncated]`;
+}
+function boundStdioMessage(message) {
+    if (message.length <= MAX_STDIO_MESSAGE_CHARS) {
+        return message;
+    }
+    return `${message.slice(0, MAX_STDIO_MESSAGE_CHARS)}...[Truncated]`;
+}
+function revivePermission(source) {
+    if (!source)
+        return undefined;
+    // Validate source before eval to prevent code injection
+    if (!validatePermissionSource(source))
+        return undefined;
+    try {
+        const fn = new Function(`return (${source});`)();
+        if (typeof fn === "function")
+            return fn;
+        return undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+/** Deserialize permission callbacks that were stringified for transfer across the Worker boundary. */
+function revivePermissions(serialized) {
+    if (!serialized)
+        return undefined;
+    const perms = {};
+    perms.fs = revivePermission(serialized.fs);
+    perms.network = revivePermission(serialized.network);
+    perms.childProcess = revivePermission(serialized.childProcess);
+    perms.env = revivePermission(serialized.env);
+    return perms;
+}
+/**
+ * Wrap a sync function in the bridge calling convention (`applySync`) so
+ * bridge code can call it the same way it calls bridge References.
+ */
+function makeApplySync(fn) {
+    const applySync = (_ctx, args) => fn(...args);
+    return {
+        applySync,
+        applySyncPromise: applySync,
+    };
+}
+function makeApplySyncPromise(fn) {
+    return {
+        applySyncPromise(_ctx, args) {
+            return fn(...args);
+        },
+    };
+}
+function makeApplyPromise(fn) {
+    return {
+        apply(_ctx, args) {
+            return fn(...args);
+        },
+    };
+}
+function normalizeTextEncoding(options) {
+    if (typeof options === "string") {
+        return options;
+    }
+    if (options && typeof options === "object" && "encoding" in options) {
+        const encoding = options.encoding;
+        return typeof encoding === "string" ? encoding : null;
+    }
+    return null;
+}
+function toNodeBuffer(bytes) {
+    if (typeof Buffer === "function") {
+        return Buffer.from(bytes);
+    }
+    return bytes;
+}
+function createStats(stat) {
+    return {
+        ...stat,
+        isFile: () => !stat.isDirectory && !stat.isSymbolicLink,
+        isDirectory: () => stat.isDirectory,
+        isSymbolicLink: () => stat.isSymbolicLink,
+    };
+}
+function createDirent(entry) {
+    return {
+        name: entry.name,
+        isFile: () => !entry.isDirectory && !entry.isSymbolicLink,
+        isDirectory: () => entry.isDirectory,
+        isSymbolicLink: () => Boolean(entry.isSymbolicLink),
+    };
+}
+function createFsModule(syncBridge) {
+    const readFileSync = (path, options) => {
+        const encoding = normalizeTextEncoding(options);
+        if (encoding) {
+            return syncBridge.requestText("fs.readFile", [path]);
+        }
+        return toNodeBuffer(syncBridge.requestBinary("fs.readFileBinary", [path]));
+    };
+    const writeFileSync = (path, content) => {
+        if (typeof content === "string") {
+            syncBridge.requestVoid("fs.writeFile", [path, content]);
+            return;
+        }
+        syncBridge.requestVoid("fs.writeFileBinary", [path, toUint8Array(content)]);
+    };
+    const mkdirSync = (path, options) => {
+        const recursive = typeof options === "boolean" ? options : (options?.recursive ?? true);
+        if (recursive) {
+            syncBridge.requestVoid("fs.mkdir", [path]);
+            return;
+        }
+        syncBridge.requestVoid("fs.createDir", [path]);
+    };
+    const readdirSync = (path, options) => {
+        const entries = syncBridge.requestJson("fs.readDir", [
+            path,
+        ]);
+        if (options?.withFileTypes) {
+            return entries.map((entry) => createDirent(entry));
+        }
+        return entries.map((entry) => entry.name);
+    };
+    const statSync = (path) => createStats(syncBridge.requestJson("fs.stat", [path]));
+    const lstatSync = (path) => createStats(syncBridge.requestJson("fs.lstat", [path]));
+    const promises = {
+        readFile(path, options) {
+            return Promise.resolve(readFileSync(path, options));
+        },
+        writeFile(path, content) {
+            writeFileSync(path, content);
+            return Promise.resolve();
+        },
+        mkdir(path, options) {
+            mkdirSync(path, options);
+            return Promise.resolve();
+        },
+        readdir(path, options) {
+            return Promise.resolve(readdirSync(path, options));
+        },
+        stat(path) {
+            return Promise.resolve(statSync(path));
+        },
+        lstat(path) {
+            return Promise.resolve(lstatSync(path));
+        },
+        unlink(path) {
+            syncBridge.requestVoid("fs.unlink", [path]);
+            return Promise.resolve();
+        },
+        rmdir(path) {
+            syncBridge.requestVoid("fs.rmdir", [path]);
+            return Promise.resolve();
+        },
+        rm(path) {
+            syncBridge.requestVoid("fs.unlink", [path]);
+            return Promise.resolve();
+        },
+        rename(oldPath, newPath) {
+            syncBridge.requestVoid("fs.rename", [oldPath, newPath]);
+            return Promise.resolve();
+        },
+        realpath(path) {
+            return Promise.resolve(syncBridge.requestText("fs.realpath", [path]));
+        },
+        readlink(path) {
+            return Promise.resolve(syncBridge.requestText("fs.readlink", [path]));
+        },
+        symlink(target, path) {
+            syncBridge.requestVoid("fs.symlink", [target, path]);
+            return Promise.resolve();
+        },
+        link(existingPath, newPath) {
+            syncBridge.requestVoid("fs.link", [existingPath, newPath]);
+            return Promise.resolve();
+        },
+        chmod(path, mode) {
+            syncBridge.requestVoid("fs.chmod", [path, mode]);
+            return Promise.resolve();
+        },
+        truncate(path, length = 0) {
+            syncBridge.requestVoid("fs.truncate", [path, length]);
+            return Promise.resolve();
+        },
+    };
+    return {
+        readFileSync,
+        writeFileSync,
+        mkdirSync,
+        readdirSync,
+        existsSync(path) {
+            return syncBridge.requestJson("fs.exists", [path]);
+        },
+        statSync,
+        lstatSync,
+        unlinkSync(path) {
+            syncBridge.requestVoid("fs.unlink", [path]);
+        },
+        rmdirSync(path) {
+            syncBridge.requestVoid("fs.rmdir", [path]);
+        },
+        rmSync(path) {
+            syncBridge.requestVoid("fs.unlink", [path]);
+        },
+        renameSync(oldPath, newPath) {
+            syncBridge.requestVoid("fs.rename", [oldPath, newPath]);
+        },
+        realpathSync(path) {
+            return syncBridge.requestText("fs.realpath", [path]);
+        },
+        readlinkSync(path) {
+            return syncBridge.requestText("fs.readlink", [path]);
+        },
+        symlinkSync(target, path) {
+            syncBridge.requestVoid("fs.symlink", [target, path]);
+        },
+        linkSync(existingPath, newPath) {
+            syncBridge.requestVoid("fs.link", [existingPath, newPath]);
+        },
+        chmodSync(path, mode) {
+            syncBridge.requestVoid("fs.chmod", [path, mode]);
+        },
+        truncateSync(path, length = 0) {
+            syncBridge.requestVoid("fs.truncate", [path, length]);
+        },
+        promises,
+    };
+}
+// Save real postMessage before sandbox code can replace it
+const _realPostMessage = self.postMessage.bind(self);
+function postResponse(message) {
+    _realPostMessage({
+        controlToken: getRequiredControlToken(),
+        ...message,
+    });
+}
+function postAsyncResponse(id, promise) {
+    void promise.then((result) => {
+        postResponse({ type: "response", id, ok: true, result });
+    }, (err) => {
+        const error = err;
+        postResponse({
+            type: "response",
+            id,
+            ok: false,
+            error: {
+                message: error?.message ?? String(err),
+                stack: error?.stack,
+                code: error?.code,
+            },
+        });
+    });
+}
+function postSyncRequest(message) {
+    _realPostMessage({
+        controlToken: getRequiredControlToken(),
+        ...message,
+    });
+}
+function postStdio(executionId, requestId, channel, message) {
+    const payload = {
+        controlToken: getRequiredControlToken(),
+        type: "stdio",
+        executionId,
+        requestId,
+        channel,
+        message,
+    };
+    _realPostMessage(payload);
+}
+function emitStdio(executionId, requestId, channel, message) {
+    postStdio(executionId, requestId, channel, boundStdioMessage(message));
+}
+function emitActiveStdio(channel, args) {
+    if (!activeCaptureStdio ||
+        activeProcessRequestId === null ||
+        activeExecutionId === null) {
+        return;
+    }
+    const message = args.map((arg) => normalizeProcessOutputChunk(arg)).join(" ");
+    emitStdio(activeExecutionId, activeProcessRequestId, channel, message);
+}
+function createSyncBridgeClient(payload) {
+    const signal = new Int32Array(payload.signalBuffer);
+    const data = new Uint8Array(payload.dataBuffer);
+    let nextRequestId = 1;
+    const timeoutMs = payload.timeoutMs ?? 30_000;
+    function readBytes(length) {
+        if (length <= 0) {
+            return new Uint8Array(0);
+        }
+        return data.slice(0, length);
+    }
+    function requestRaw(operation, args) {
+        if (!activeExecutionId || activeProcessRequestId === null) {
+            throw new Error(`Browser runtime sync bridge ${operation} called outside an active execution`);
+        }
+        Atomics.store(signal, SYNC_BRIDGE_SIGNAL_STATE_INDEX, SYNC_BRIDGE_SIGNAL_STATE_IDLE);
+        Atomics.store(signal, SYNC_BRIDGE_SIGNAL_STATUS_INDEX, 0);
+        Atomics.store(signal, SYNC_BRIDGE_SIGNAL_KIND_INDEX, SYNC_BRIDGE_KIND_NONE);
+        Atomics.store(signal, SYNC_BRIDGE_SIGNAL_LENGTH_INDEX, 0);
+        postSyncRequest({
+            type: "sync-request",
+            requestId: nextRequestId++,
+            executionId: activeExecutionId,
+            processRequestId: activeProcessRequestId,
+            operation,
+            args,
+        });
+        while (true) {
+            const result = Atomics.wait(signal, SYNC_BRIDGE_SIGNAL_STATE_INDEX, SYNC_BRIDGE_SIGNAL_STATE_IDLE, timeoutMs);
+            if (result !== "timed-out") {
+                break;
+            }
+            throw new Error(`Browser runtime sync bridge timed out while handling ${operation}`);
+        }
+        const status = Atomics.load(signal, SYNC_BRIDGE_SIGNAL_STATUS_INDEX);
+        const kind = Atomics.load(signal, SYNC_BRIDGE_SIGNAL_KIND_INDEX);
+        const length = Atomics.load(signal, SYNC_BRIDGE_SIGNAL_LENGTH_INDEX);
+        const bytes = readBytes(length);
+        Atomics.store(signal, SYNC_BRIDGE_SIGNAL_STATE_INDEX, SYNC_BRIDGE_SIGNAL_STATE_IDLE);
+        if (status === SYNC_BRIDGE_STATUS_ERROR) {
+            const errorPayload = JSON.parse(decoder.decode(bytes));
+            const error = new Error(errorPayload.message);
+            if (errorPayload.code) {
+                error.code = errorPayload.code;
+            }
+            throw error;
+        }
+        return { kind, bytes };
+    }
+    return {
+        requestVoid(operation, args) {
+            requestRaw(operation, args);
+        },
+        requestText(operation, args) {
+            const result = requestRaw(operation, args);
+            if (result.kind !== SYNC_BRIDGE_KIND_TEXT) {
+                throw new Error(`Expected text response from ${operation}, received kind ${result.kind}`);
+            }
+            return decoder.decode(result.bytes);
+        },
+        requestNullableText(operation, args) {
+            const result = requestRaw(operation, args);
+            if (result.kind === SYNC_BRIDGE_KIND_NONE) {
+                return null;
+            }
+            if (result.kind !== SYNC_BRIDGE_KIND_TEXT) {
+                throw new Error(`Expected text response from ${operation}, received kind ${result.kind}`);
+            }
+            return decoder.decode(result.bytes);
+        },
+        requestBinary(operation, args) {
+            const result = requestRaw(operation, args);
+            if (result.kind !== SYNC_BRIDGE_KIND_BINARY) {
+                throw new Error(`Expected binary response from ${operation}, received kind ${result.kind}`);
+            }
+            return result.bytes;
+        },
+        requestJson(operation, args) {
+            const result = requestRaw(operation, args);
+            if (result.kind !== SYNC_BRIDGE_KIND_JSON) {
+                throw new Error(`Expected JSON response from ${operation}, received kind ${result.kind}`);
+            }
+            return JSON.parse(decoder.decode(result.bytes));
+        },
+    };
+}
+/**
+ * Initialize the worker-side runtime: set up filesystem, network, bridge
+ * globals, and load the bridge bundle. Called once before any exec/run.
+ */
+async function initRuntime(payload) {
+    if (initialized)
+        return;
+    assertBrowserSyncBridgeSupport();
+    captureTimingGlobals();
+    if (!payload.syncBridge) {
+        throw new Error("Browser runtime sync bridge is required for filesystem and module loading parity");
+    }
+    permissions = revivePermissions(payload.permissions);
+    const syncBridge = createSyncBridgeClient(payload.syncBridge);
+    activeSyncBridge = syncBridge;
+    // Apply payload limits (use defaults if not configured)
+    base64TransferLimitBytes =
+        payload.payloadLimits?.base64TransferBytes ?? DEFAULT_BASE64_TRANSFER_BYTES;
+    jsonPayloadLimitBytes =
+        payload.payloadLimits?.jsonPayloadBytes ?? DEFAULT_JSON_PAYLOAD_BYTES;
+    if (payload.networkEnabled) {
+        networkAdapter = wrapNetworkAdapter(createBrowserNetworkAdapter(), permissions);
+    }
+    else {
+        networkAdapter = createNetworkStub();
+    }
+    const processConfig = payload.processConfig ?? {};
+    runtimeProcessConfig = processConfig;
+    runtimeTimingMitigation =
+        payload.timingMitigation ??
+            processConfig.timingMitigation ??
+            runtimeTimingMitigation;
+    processConfig.env = filterEnv(processConfig.env, permissions);
+    processConfig.timingMitigation = runtimeTimingMitigation;
+    delete processConfig.frozenTimeMs;
+    exposeCustomGlobal("_processConfig", processConfig);
+    const osConfig = payload.osConfig ?? {};
+    exposeCustomGlobal("_osConfig", osConfig);
+    exposeCustomGlobal("__agentOsVirtualOs", osConfig);
+    exposeCustomGlobal("_log", makeApplySync((...args) => {
+        emitActiveStdio("stdout", args);
+    }));
+    exposeCustomGlobal("_error", makeApplySync((...args) => {
+        emitActiveStdio("stderr", args);
+    }));
+    // Set up filesystem bridge globals before loading runtime shims.
+    const readFileRef = makeApplySync((path) => {
+        const text = syncBridge.requestText("fs.readFile", [path]);
+        assertTextPayloadSize(`fs.readFile ${path}`, text, jsonPayloadLimitBytes);
+        return text;
+    });
+    const writeFileRef = makeApplySync((path, content) => {
+        assertTextPayloadSize(`fs.writeFile ${path}`, content, jsonPayloadLimitBytes);
+        syncBridge.requestVoid("fs.writeFile", [path, content]);
+    });
+    const readFileBinaryRef = makeApplySync((path) => {
+        const data = syncBridge.requestBinary("fs.readFileBinary", [path]);
+        assertPayloadByteLength(`fs.readFileBinary ${path}`, data.byteLength, base64TransferLimitBytes);
+        return data;
+    });
+    const writeFileBinaryRef = makeApplySync((path, binaryContent) => {
+        assertPayloadByteLength(`fs.writeFileBinary ${path}`, binaryContent.byteLength, base64TransferLimitBytes);
+        syncBridge.requestVoid("fs.writeFileBinary", [path, binaryContent]);
+    });
+    const readDirRef = makeApplySync((path) => {
+        const json = JSON.stringify(syncBridge.requestJson("fs.readDir", [path]));
+        assertTextPayloadSize(`fs.readDir ${path}`, json, jsonPayloadLimitBytes);
+        return json;
+    });
+    const mkdirRef = makeApplySync((path) => {
+        syncBridge.requestVoid("fs.mkdir", [path]);
+    });
+    const rmdirRef = makeApplySync((path) => {
+        syncBridge.requestVoid("fs.rmdir", [path]);
+    });
+    const existsRef = makeApplySync((path) => {
+        return syncBridge.requestJson("fs.exists", [path]);
+    });
+    const statRef = makeApplySync((path) => {
+        return JSON.stringify(syncBridge.requestJson("fs.stat", [path]));
+    });
+    const unlinkRef = makeApplySync((path) => {
+        syncBridge.requestVoid("fs.unlink", [path]);
+    });
+    const renameRef = makeApplySync((oldPath, newPath) => {
+        syncBridge.requestVoid("fs.rename", [oldPath, newPath]);
+    });
+    exposeCustomGlobal("_fs", {
+        readFile: readFileRef,
+        writeFile: writeFileRef,
+        readFileBinary: readFileBinaryRef,
+        writeFileBinary: writeFileBinaryRef,
+        readDir: readDirRef,
+        mkdir: mkdirRef,
+        rmdir: rmdirRef,
+        exists: existsRef,
+        stat: statRef,
+        unlink: unlinkRef,
+        rename: renameRef,
+    });
+    exposeCustomGlobal("_loadPolyfill", makeApplySync((moduleName) => {
+        const name = moduleName.replace(/^node:/, "");
+        const polyfillMap = POLYFILL_CODE_MAP;
+        return polyfillMap[name] ?? null;
+    }));
+    const resolveModuleSync = (request, fromDir, mode) => {
+        return syncBridge.requestNullableText("module.resolve", [
+            request,
+            fromDir,
+            mode ?? "require",
+        ]);
+    };
+    const loadFileSync = (path, _mode) => {
+        const source = syncBridge.requestNullableText("module.loadFile", [path]);
+        if (source === null) {
+            return null;
+        }
+        let code = source;
+        if (isESM(source, path)) {
+            code = transform(code, { transforms: ["imports"] }).code;
+        }
+        return transformDynamicImport(code);
+    };
+    const moduleFormatSync = (path) => {
+        return syncBridge.requestNullableText("module.format", [path]);
+    };
+    const batchResolveModulesSync = (requests) => {
+        return syncBridge.requestJson("module.batchResolve", [requests]);
+    };
+    exposeCustomGlobal("_resolveModuleSync", makeApplySync(resolveModuleSync));
+    exposeCustomGlobal("_loadFileSync", makeApplySync(loadFileSync));
+    exposeCustomGlobal("_resolveModule", makeApplySync(resolveModuleSync));
+    exposeCustomGlobal("_loadFile", makeApplySync(loadFileSync));
+    exposeCustomGlobal("_moduleFormat", makeApplySync(moduleFormatSync));
+    exposeCustomGlobal("_batchResolveModules", makeApplySync(batchResolveModulesSync));
+    const randomBytes = (length) => {
+        if (!Number.isInteger(length) || length < 0) {
+            throw new Error("crypto random byte length must be a non-negative integer");
+        }
+        const bytes = new Uint8Array(length);
+        const crypto = globalThis.crypto;
+        if (!crypto?.getRandomValues) {
+            throw new Error("Browser runtime crypto requires getRandomValues support");
+        }
+        for (let offset = 0; offset < bytes.length; offset += 65536) {
+            crypto.getRandomValues(bytes.subarray(offset, offset + 65536));
+        }
+        return bytes;
+    };
+    exposeCustomGlobal("_cryptoRandomFill", makeApplySync((length) => randomBytes(Number(length))));
+    exposeCustomGlobal("_cryptoRandomUUID", makeApplySync(() => {
+        if (typeof globalThis.crypto?.randomUUID !== "function") {
+            throw new Error("Browser runtime crypto requires randomUUID support");
+        }
+        return globalThis.crypto.randomUUID();
+    }));
+    exposeCustomGlobal("_cryptoHashDigest", makeApplySync((algorithm, data) => {
+        return hashDigestBytes(algorithm, data);
+    }));
+    exposeCustomGlobal("_cryptoHmacDigest", makeApplySync((algorithm, key, data) => {
+        return hmacDigestBytes(algorithm, key, data);
+    }));
+    exposeCustomGlobal("_cryptoPbkdf2", makeApplySync((password, salt, iterations, keyLength, algorithm) => {
+        return pbkdf2Bytes(password, salt, iterations, keyLength, algorithm);
+    }));
+    exposeCustomGlobal("_cryptoScrypt", makeApplySync((password, salt, keyLength, options) => {
+        return nobleScrypt(toUint8Array(password), toUint8Array(salt), normalizeScryptOptions(options, keyLength));
+    }));
+    exposeCustomGlobal("_cryptoCipheriv", makeApplySync((algorithm, key, iv, data, optionsJson) => browserCipheriv(algorithm, key, iv, data, optionsJson)));
+    exposeCustomGlobal("_cryptoDecipheriv", makeApplySync((algorithm, key, iv, data, optionsJson) => browserDecipheriv(algorithm, key, iv, data, optionsJson)));
+    exposeCustomGlobal("_cryptoCipherivCreate", makeApplySync(() => unsupportedBrowserCrypto("_cryptoCipherivCreate")));
+    exposeCustomGlobal("_cryptoCipherivUpdate", makeApplySync(() => unsupportedBrowserCrypto("_cryptoCipherivUpdate")));
+    exposeCustomGlobal("_cryptoCipherivFinal", makeApplySync(() => unsupportedBrowserCrypto("_cryptoCipherivFinal")));
+    exposeCustomGlobal("_cryptoSign", makeApplySync((algorithm, data, key) => browserRsaSign(algorithm, data, key)));
+    exposeCustomGlobal("_cryptoVerify", makeApplySync((algorithm, data, key, signature) => browserRsaVerify(algorithm, data, key, signature)));
+    exposeCustomGlobal("_cryptoAsymmetricOp", makeApplySync((operation, key, data, optionsJson) => browserRsaAsymmetricOp(operation, key, data, optionsJson)));
+    exposeCustomGlobal("_cryptoCreateKeyObject", makeApplySync(() => unsupportedBrowserCrypto("_cryptoCreateKeyObject")));
+    exposeCustomGlobal("_cryptoGenerateKeyPairSync", makeApplySync(() => unsupportedBrowserCrypto("_cryptoGenerateKeyPairSync")));
+    exposeCustomGlobal("_cryptoGenerateKeySync", makeApplySync(() => unsupportedBrowserCrypto("_cryptoGenerateKeySync")));
+    exposeCustomGlobal("_cryptoGeneratePrimeSync", makeApplySync(() => unsupportedBrowserCrypto("_cryptoGeneratePrimeSync")));
+    exposeCustomGlobal("_cryptoDiffieHellman", makeApplySync(() => unsupportedBrowserCrypto("_cryptoDiffieHellman")));
+    exposeCustomGlobal("_cryptoDiffieHellmanGroup", makeApplySync(() => unsupportedBrowserCrypto("_cryptoDiffieHellmanGroup")));
+    exposeCustomGlobal("_cryptoDiffieHellmanSessionCreate", makeApplySync(() => unsupportedBrowserCrypto("_cryptoDiffieHellmanSessionCreate")));
+    exposeCustomGlobal("_cryptoDiffieHellmanSessionCall", makeApplySync(() => unsupportedBrowserCrypto("_cryptoDiffieHellmanSessionCall")));
+    exposeCustomGlobal("_cryptoDiffieHellmanSessionDestroy", makeApplySync(() => unsupportedBrowserCrypto("_cryptoDiffieHellmanSessionDestroy")));
+    exposeCustomGlobal("_cryptoSubtle", makeApplySync(() => unsupportedBrowserCrypto("_cryptoSubtle")));
+    exposeCustomGlobal("_scheduleTimer", {
+        apply(_ctx, args) {
+            return new Promise((resolve) => {
+                setTimeout(resolve, args[0]);
+            });
+        },
+    });
+    const netAdapter = networkAdapter ?? createNetworkStub();
+    exposeCustomGlobal("_networkFetchRaw", makeApplyPromise(async (url, optionsJson) => {
+        const options = JSON.parse(optionsJson);
+        const result = await netAdapter.fetch(url, options);
+        return JSON.stringify(result);
+    }));
+    exposeCustomGlobal("_networkDnsLookupRaw", makeApplyPromise(async (request) => {
+        const hostname = typeof request === "string" ? request : String(request.hostname ?? "");
+        const result = await netAdapter.dnsLookup(hostname);
+        if (result.error) {
+            const error = new Error(result.error);
+            error.code = result.code;
+            throw error;
+        }
+        return JSON.stringify(result);
+    }));
+    exposeCustomGlobal("_childProcessSpawnStart", makeApplySync((request) => {
+        return syncBridge.requestJson("child_process.spawn", [
+            request,
+        ]);
+    }));
+    exposeCustomGlobal("_childProcessPoll", makeApplySync((sessionId, _waitMs) => {
+        return syncBridge.requestJson("child_process.poll", [sessionId, _waitMs ?? 0]);
+    }));
+    exposeCustomGlobal("_childProcessStdinWrite", makeApplySync((sessionId, data) => {
+        syncBridge.requestVoid("child_process.write_stdin", [sessionId, data]);
+    }));
+    exposeCustomGlobal("_childProcessStdinClose", makeApplySync((sessionId) => {
+        syncBridge.requestVoid("child_process.close_stdin", [sessionId]);
+    }));
+    exposeCustomGlobal("_childProcessKill", makeApplySync((sessionId, signal) => {
+        syncBridge.requestVoid("child_process.kill", [sessionId, signal]);
+    }));
+    exposeCustomGlobal("_childProcessSpawnSync", makeApplySync((request) => {
+        return syncBridge.requestText("child_process.spawn_sync", [
+            request,
+        ]);
+    }));
+    exposeCustomGlobal("_processSignalState", makeApplySync((signal, action, maskJson, flags) => {
+        syncBridge.requestVoid("process.signal_state", [
+            signal,
+            action,
+            maskJson,
+            flags,
+        ]);
+    }));
+    exposeCustomGlobal("_dgramSocketCreateRaw", makeApplySync((options) => {
+        return syncBridge.requestJson("dgram.create", [options]);
+    }));
+    exposeCustomGlobal("_dgramSocketBindRaw", makeApplySync((socketId, options) => {
+        return syncBridge.requestJson("dgram.bind", [socketId, options]);
+    }));
+    exposeCustomGlobal("_dgramSocketRecvRaw", makeApplySync((socketId, waitMs) => {
+        return syncBridge.requestJson("dgram.recv", [socketId, waitMs ?? 0]);
+    }));
+    exposeCustomGlobal("_dgramSocketSendRaw", makeApplySync((socketId, data, target) => {
+        return syncBridge.requestJson("dgram.send", [socketId, data, target]);
+    }));
+    exposeCustomGlobal("_dgramSocketCloseRaw", makeApplySync((socketId) => {
+        return syncBridge.requestJson("dgram.close", [socketId]);
+    }));
+    exposeCustomGlobal("_dgramSocketAddressRaw", makeApplySync((socketId) => {
+        return syncBridge.requestJson("dgram.address", [socketId]);
+    }));
+    exposeCustomGlobal("_dgramSocketSetBufferSizeRaw", makeApplySync((socketId, which, size) => {
+        return syncBridge.requestJson("dgram.setBufferSize", [
+            socketId,
+            which,
+            size,
+        ]);
+    }));
+    exposeCustomGlobal("_dgramSocketGetBufferSizeRaw", makeApplySync((socketId, which) => {
+        return syncBridge.requestJson("dgram.getBufferSize", [socketId, which]);
+    }));
+    exposeCustomGlobal("_fsModule", createFsModule(syncBridge));
+    exposeMutableRuntimeStateGlobal("_moduleCache", {});
+    exposeMutableRuntimeStateGlobal("_pendingModules", {});
+    exposeMutableRuntimeStateGlobal("_currentModule", { dirname: "/" });
+    globalEval(getRequireSetupCode());
+    ensureProcessGlobal();
+    // Block dangerous Web APIs that bypass bridge permission checks
+    const dangerousApis = [
+        "XMLHttpRequest",
+        "WebSocket",
+        "importScripts",
+        "indexedDB",
+        "caches",
+        "BroadcastChannel",
+    ];
+    for (const api of dangerousApis) {
+        try {
+            delete self[api];
+        }
+        catch {
+            // May not exist or may be non-configurable
+        }
+        Object.defineProperty(self, api, {
+            get() {
+                throw new ReferenceError(`${api} is not available in sandbox`);
+            },
+            configurable: false,
+        });
+    }
+    // Lock down self.onmessage so sandbox code cannot hijack the control channel
+    const currentHandler = self.onmessage;
+    Object.defineProperty(self, "onmessage", {
+        value: currentHandler,
+        writable: false,
+        configurable: false,
+    });
+    // Block self.postMessage so sandbox code cannot forge responses to host
+    Object.defineProperty(self, "postMessage", {
+        get() {
+            throw new TypeError("postMessage is not available in sandbox");
+        },
+        configurable: false,
+    });
+    initialized = true;
+}
+function resetModuleState(cwd) {
+    exposeMutableRuntimeStateGlobal("_moduleCache", {});
+    exposeMutableRuntimeStateGlobal("_pendingModules", {});
+    exposeMutableRuntimeStateGlobal("_currentModule", { dirname: cwd });
+}
+function setDynamicImportFallback() {
+    exposeMutableRuntimeStateGlobal("__dynamicImport", (specifier) => {
+        const cached = dynamicImportCache.get(specifier);
+        if (cached)
+            return Promise.resolve(cached);
+        try {
+            const runtimeRequire = globalThis.require;
+            if (typeof runtimeRequire !== "function") {
+                throw new Error("require is not available in browser runtime");
+            }
+            const mod = runtimeRequire(specifier);
+            return Promise.resolve({
+                default: mod,
+                ...mod,
+            });
+        }
+        catch (e) {
+            return Promise.reject(new Error(`Cannot dynamically import '${specifier}': ${String(e)}`));
+        }
+    });
+}
+function toProcessChunk(value, encoding) {
+    if (encoding) {
+        return value;
+    }
+    return encoder.encode(value);
+}
+function normalizeProcessOutputChunk(chunk) {
+    if (typeof chunk === "string") {
+        return chunk;
+    }
+    if (chunk instanceof Uint8Array) {
+        return decoder.decode(chunk);
+    }
+    if (ArrayBuffer.isView(chunk)) {
+        return decoder.decode(new Uint8Array(chunk.buffer, chunk.byteOffset, chunk.byteLength));
+    }
+    if (chunk instanceof ArrayBuffer) {
+        return decoder.decode(new Uint8Array(chunk));
+    }
+    return String(chunk);
+}
+function emitProcessStdio(channel, chunk) {
+    if (activeProcessRequestId === null || activeExecutionId === null) {
+        return true;
+    }
+    emitStdio(activeExecutionId, activeProcessRequestId, channel, normalizeProcessOutputChunk(chunk));
+    return true;
+}
+function createBrowserProcess() {
+    let cwd = "/";
+    let stdinData = "";
+    let stdinPosition = 0;
+    let stdinEnded = false;
+    let stdinFlushQueued = false;
+    const stdinListeners = Object.create(null);
+    const stdinOnceListeners = Object.create(null);
+    const emitStdinListeners = (event, value) => {
+        const listeners = [
+            ...(stdinListeners[event] ?? []),
+            ...(stdinOnceListeners[event] ?? []),
+        ];
+        stdinOnceListeners[event] = [];
+        for (const listener of listeners) {
+            listener(value);
+        }
+        return listeners.length > 0;
+    };
+    const clearStdinListeners = () => {
+        for (const key of Object.keys(stdinListeners)) {
+            stdinListeners[key] = [];
+        }
+        for (const key of Object.keys(stdinOnceListeners)) {
+            stdinOnceListeners[key] = [];
+        }
+    };
+    const flushStdin = () => {
+        stdinFlushQueued = false;
+        if (stdin.paused || stdinEnded) {
+            return;
+        }
+        if (stdinPosition < stdinData.length) {
+            const chunk = stdinData.slice(stdinPosition);
+            stdinPosition = stdinData.length;
+            emitStdinListeners("data", toProcessChunk(chunk, stdin.encoding));
+        }
+        if (!stdinEnded) {
+            stdinEnded = true;
+            emitStdinListeners("end");
+            emitStdinListeners("close");
+        }
+    };
+    const scheduleStdinFlush = () => {
+        if (stdinFlushQueued) {
+            return;
+        }
+        stdinFlushQueued = true;
+        queueMicrotask(flushStdin);
+    };
+    const stdin = {
+        readable: true,
+        paused: true,
+        encoding: null,
+        isRaw: false,
+        read(size) {
+            if (stdinPosition >= stdinData.length) {
+                return null;
+            }
+            const chunk = size
+                ? stdinData.slice(stdinPosition, stdinPosition + size)
+                : stdinData.slice(stdinPosition);
+            stdinPosition += chunk.length;
+            return toProcessChunk(chunk, stdin.encoding);
+        },
+        on(event, listener) {
+            if (!stdinListeners[event]) {
+                stdinListeners[event] = [];
+            }
+            stdinListeners[event].push(listener);
+            if (event === "data" && stdin.paused) {
+                stdin.resume();
+            }
+            return stdin;
+        },
+        once(event, listener) {
+            if (!stdinOnceListeners[event]) {
+                stdinOnceListeners[event] = [];
+            }
+            stdinOnceListeners[event].push(listener);
+            if (event === "data" && stdin.paused) {
+                stdin.resume();
+            }
+            return stdin;
+        },
+        off(event, listener) {
+            if (!stdinListeners[event]) {
+                return stdin;
+            }
+            stdinListeners[event] = stdinListeners[event].filter((candidate) => candidate !== listener);
+            return stdin;
+        },
+        removeListener(event, listener) {
+            return stdin.off(event, listener);
+        },
+        emit(event, value) {
+            return emitStdinListeners(event, value);
+        },
+        pause() {
+            stdin.paused = true;
+            return stdin;
+        },
+        resume() {
+            stdin.paused = false;
+            scheduleStdinFlush();
+            return stdin;
+        },
+        setEncoding(encoding) {
+            stdin.encoding = encoding;
+            return stdin;
+        },
+        setRawMode(mode) {
+            stdin.isRaw = mode;
+            return stdin;
+        },
+        get readableLength() {
+            return encoder.encode(stdinData.slice(stdinPosition)).byteLength;
+        },
+        get isTTY() {
+            return false;
+        },
+        async *[Symbol.asyncIterator]() {
+            const remaining = stdinData.slice(stdinPosition);
+            for (const line of remaining.split("\n")) {
+                if (line.length > 0) {
+                    yield line;
+                }
+            }
+        },
+    };
+    const processListeners = Object.create(null);
+    const processOnceListeners = Object.create(null);
+    const requireProcessListener = (listener) => {
+        if (typeof listener !== "function") {
+            throw new TypeError("process listener must be a function");
+        }
+        return listener;
+    };
+    const processSignalListenerCount = (event) => {
+        return ((processListeners[event]?.length ?? 0) +
+            (processOnceListeners[event]?.length ?? 0));
+    };
+    const syncProcessSignalState = (event, action) => {
+        const signal = signalNumberForEvent(event);
+        if (signal === null) {
+            return;
+        }
+        const syncBridge = activeSyncBridge;
+        if (!syncBridge) {
+            return;
+        }
+        syncBridge.requestVoid("process.signal_state", [signal, action, "[]", 0]);
+    };
+    const maybeSyncProcessSignalTransition = (event, before, after) => {
+        if (before === 0 && after > 0) {
+            syncProcessSignalState(event, "user");
+        }
+        else if (before > 0 && after === 0) {
+            syncProcessSignalState(event, "default");
+        }
+    };
+    const processOn = (event, listener, once) => {
+        requireProcessListener(listener);
+        const before = processSignalListenerCount(event);
+        const map = once ? processOnceListeners : processListeners;
+        if (!map[event]) {
+            map[event] = [];
+        }
+        map[event].push(listener);
+        maybeSyncProcessSignalTransition(event, before, processSignalListenerCount(event));
+        return processBridge;
+    };
+    const processOff = (event, listener) => {
+        requireProcessListener(listener);
+        const before = processSignalListenerCount(event);
+        if (processListeners[event]) {
+            processListeners[event] = processListeners[event].filter((candidate) => candidate !== listener);
+        }
+        if (processOnceListeners[event]) {
+            processOnceListeners[event] = processOnceListeners[event].filter((candidate) => candidate !== listener);
+        }
+        maybeSyncProcessSignalTransition(event, before, processSignalListenerCount(event));
+        return processBridge;
+    };
+    const emitProcessListeners = (event, value) => {
+        const before = processSignalListenerCount(event);
+        const listeners = [
+            ...(processListeners[event] ?? []),
+            ...(processOnceListeners[event] ?? []),
+        ];
+        processOnceListeners[event] = [];
+        for (const listener of listeners) {
+            listener(value);
+        }
+        maybeSyncProcessSignalTransition(event, before, processSignalListenerCount(event));
+        return listeners.length > 0;
+    };
+    const processBridge = {
+        browser: true,
+        env: {},
+        argv: ["node"],
+        argv0: "node",
+        pid: 1,
+        ppid: 0,
+        uid: 1000,
+        gid: 1000,
+        platform: "browser",
+        arch: "x64",
+        version: "v22.0.0",
+        versions: {
+            node: "22.0.0",
+            // Guest crypto is served by pure-Rust crates, not OpenSSL. We still
+            // surface the OpenSSL release bundled by the emulated Node version so
+            // guests that read process.versions.openssl keep working, and the
+            // native V8 runtime reports the same constant for parity.
+            openssl: "3.0.13+quic",
+        },
+        stdin,
+        stdout: {
+            isTTY: false,
+            write(chunk) {
+                return emitProcessStdio("stdout", chunk);
+            },
+        },
+        stderr: {
+            isTTY: false,
+            write(chunk) {
+                return emitProcessStdio("stderr", chunk);
+            },
+        },
+        exitCode: 0,
+        cwd: () => cwd,
+        chdir: (nextCwd) => {
+            cwd = String(nextCwd);
+        },
+        getuid: () => processBridge.uid,
+        getgid: () => processBridge.gid,
+        geteuid: () => processBridge.uid,
+        getegid: () => processBridge.gid,
+        getgroups: () => [processBridge.gid],
+        nextTick: (callback, ...args) => {
+            queueMicrotask(() => callback(...args));
+        },
+        exit(code) {
+            const exitCode = typeof code === "number" ? code : (processBridge.exitCode ?? 0);
+            processBridge.exitCode = exitCode;
+            throw new Error(`process.exit(${exitCode})`);
+        },
+        on(event, listener) {
+            return processOn(String(event), listener, false);
+        },
+        once(event, listener) {
+            return processOn(String(event), listener, true);
+        },
+        off(event, listener) {
+            return processOff(String(event), listener);
+        },
+        removeListener(event, listener) {
+            return processOff(String(event), listener);
+        },
+        emit(event, value) {
+            return emitProcessListeners(String(event), value);
+        },
+        __secureExecRefreshProcess(nextConfig) {
+            clearStdinListeners();
+            for (const key of Object.keys(processListeners)) {
+                processListeners[key] = [];
+            }
+            for (const key of Object.keys(processOnceListeners)) {
+                processOnceListeners[key] = [];
+            }
+            stdinData = typeof nextConfig?.stdin === "string" ? nextConfig.stdin : "";
+            stdinPosition = 0;
+            stdinEnded = false;
+            stdinFlushQueued = false;
+            stdin.paused = true;
+            stdin.encoding = null;
+            stdin.isRaw = false;
+            processBridge.exitCode = 0;
+            processBridge.env =
+                nextConfig?.env && typeof nextConfig.env === "object"
+                    ? { ...nextConfig.env }
+                    : {};
+            if (typeof nextConfig?.cwd === "string") {
+                cwd = nextConfig.cwd;
+            }
+            processBridge.argv = Array.isArray(nextConfig?.argv)
+                ? nextConfig.argv.map((value) => String(value))
+                : ["node"];
+            processBridge.argv0 = processBridge.argv[0] ?? "node";
+            if (typeof nextConfig?.platform === "string") {
+                processBridge.platform = nextConfig.platform;
+            }
+            if (typeof nextConfig?.arch === "string") {
+                processBridge.arch = nextConfig.arch;
+            }
+            if (typeof nextConfig?.version === "string") {
+                processBridge.version = nextConfig.version;
+                processBridge.versions.node = nextConfig.version.replace(/^v/, "");
+            }
+            if (typeof nextConfig?.pid === "number") {
+                processBridge.pid = nextConfig.pid;
+            }
+            if (typeof nextConfig?.ppid === "number") {
+                processBridge.ppid = nextConfig.ppid;
+            }
+            if (typeof nextConfig?.uid === "number") {
+                processBridge.uid = nextConfig.uid;
+            }
+            if (typeof nextConfig?.gid === "number") {
+                processBridge.gid = nextConfig.gid;
+            }
+        },
+    };
+    return processBridge;
+}
+function getRuntimeProcess() {
+    const proc = globalThis.process;
+    if (!proc || typeof proc !== "object") {
+        return undefined;
+    }
+    return proc;
+}
+function refreshRuntimeProcess() {
+    const proc = getRuntimeProcess();
+    const refresh = proc?.__secureExecRefreshProcess;
+    if (typeof refresh === "function") {
+        refresh(runtimeProcessConfig);
+    }
+}
+function ensureProcessGlobal() {
+    if (getRuntimeProcess()) {
+        refreshRuntimeProcess();
+        return;
+    }
+    exposeMutableRuntimeStateGlobal("process", createBrowserProcess());
+    refreshRuntimeProcess();
+}
+function updateProcessConfig(options, timingMitigation, frozenTimeMs) {
+    if (runtimeProcessConfig) {
+        runtimeProcessConfig.timingMitigation = timingMitigation;
+        if (frozenTimeMs === undefined) {
+            delete runtimeProcessConfig.frozenTimeMs;
+        }
+        else {
+            runtimeProcessConfig.frozenTimeMs = frozenTimeMs;
+        }
+        runtimeProcessConfig.stdin = options?.stdin ?? "";
+        if (options?.env) {
+            const filtered = filterEnv(options.env, permissions);
+            const currentEnv = runtimeProcessConfig.env && typeof runtimeProcessConfig.env === "object"
+                ? runtimeProcessConfig.env
+                : {};
+            runtimeProcessConfig.env = { ...currentEnv, ...filtered };
+        }
+    }
+    refreshRuntimeProcess();
+    const proc = getRuntimeProcess();
+    if (!proc)
+        return;
+    proc.exitCode = 0;
+    proc.timingMitigation = timingMitigation;
+    if (frozenTimeMs === undefined) {
+        delete proc.frozenTimeMs;
+    }
+    else {
+        proc.frozenTimeMs = frozenTimeMs;
+    }
+    if (options?.cwd && typeof proc.chdir === "function") {
+        exposeMutableRuntimeStateGlobal("__runtimeProcessCwdOverride", options.cwd);
+        globalEval(getIsolateRuntimeSource("overrideProcessCwd"));
+        try {
+            proc.chdir(options.cwd);
+        }
+        catch (error) {
+            if (!(error instanceof Error &&
+                error.message.includes("process.chdir() is not supported in workers"))) {
+                throw error;
+            }
+        }
+    }
+}
+/**
+ * Execute user code as a script (process-style). Transforms ESM/dynamic
+ * imports, sets up module/exports globals, and waits for active handles.
+ */
+async function execScript(executionId, requestId, code, options, captureStdio = false) {
+    resetModuleState(options?.cwd ?? "/");
+    const timingMitigation = options?.timingMitigation ?? runtimeTimingMitigation;
+    const frozenTimeMs = applyTimingMitigation(timingMitigation);
+    updateProcessConfig(options, timingMitigation, frozenTimeMs);
+    setDynamicImportFallback();
+    const previousProcessRequestId = activeProcessRequestId;
+    const previousExecutionId = activeExecutionId;
+    const previousCaptureStdio = activeCaptureStdio;
+    activeProcessRequestId = requestId;
+    activeExecutionId = executionId;
+    activeCaptureStdio = captureStdio;
+    try {
+        const scriptResult = (async () => {
+            let transformed = code;
+            if (isESM(code, options?.filePath)) {
+                transformed = transform(transformed, { transforms: ["imports"] }).code;
+            }
+            transformed = transformDynamicImport(transformed);
+            exposeMutableRuntimeStateGlobal("module", { exports: {} });
+            const moduleRef = globalThis.module;
+            exposeMutableRuntimeStateGlobal("exports", moduleRef.exports);
+            if (options?.filePath) {
+                const dirname = options.filePath.includes("/")
+                    ? options.filePath.substring(0, options.filePath.lastIndexOf("/")) ||
+                        "/"
+                    : "/";
+                exposeMutableRuntimeStateGlobal("__filename", options.filePath);
+                exposeMutableRuntimeStateGlobal("__dirname", dirname);
+                exposeMutableRuntimeStateGlobal("_currentModule", {
+                    dirname,
+                    filename: options.filePath,
+                });
+            }
+            // Await the eval result so async IIFEs / top-level promise expressions
+            // resolve before we check for active handles.
+            const evalResult = globalEval(transformed);
+            if (evalResult &&
+                typeof evalResult === "object" &&
+                typeof evalResult.then === "function") {
+                await evalResult;
+            }
+            await Promise.resolve();
+            const waitForActiveHandles = globalThis
+                ._waitForActiveHandles;
+            if (typeof waitForActiveHandles === "function") {
+                await waitForActiveHandles();
+            }
+            const exitCode = globalThis.process
+                ?.exitCode ?? 0;
+            return {
+                code: exitCode,
+            };
+        })();
+        const signalResult = new Promise((resolve) => {
+            pendingExecutionSignals.set(executionId, (signal) => {
+                const code = defaultSignalExitCode(signal);
+                resolve({ code: code ?? 0 });
+            });
+        });
+        return await Promise.race([scriptResult, signalResult]);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        const exitMatch = message.match(/process\.exit\((\d+)\)/);
+        if (exitMatch) {
+            const exitCode = Number.parseInt(exitMatch[1], 10);
+            return {
+                code: exitCode,
+            };
+        }
+        return {
+            code: 1,
+            errorMessage: boundErrorMessage(message),
+        };
+    }
+    finally {
+        pendingExecutionSignals.delete(executionId);
+        activeProcessRequestId = previousProcessRequestId;
+        activeExecutionId = previousExecutionId;
+        activeCaptureStdio = previousCaptureStdio;
+    }
+}
+async function runScript(executionId, requestId, code, filePath, captureStdio = false) {
+    const execResult = await execScript(executionId, requestId, code, { filePath }, captureStdio);
+    const moduleObj = globalThis.module;
+    return {
+        ...execResult,
+        exports: moduleObj?.exports,
+    };
+}
+self.onmessage = async (event) => {
+    const message = event.data;
+    try {
+        if (message.type === "init") {
+            if (typeof message.controlToken !== "string" ||
+                message.controlToken.length === 0) {
+                return;
+            }
+            if (controlToken && message.controlToken !== controlToken) {
+                return;
+            }
+            controlToken = message.controlToken;
+            await initRuntime(message.payload);
+            postResponse({
+                type: "response",
+                id: message.id,
+                ok: true,
+                result: true,
+            });
+            return;
+        }
+        if (!controlToken || message.controlToken !== controlToken) {
+            return;
+        }
+        if (!initialized) {
+            throw new Error("Sandbox worker not initialized");
+        }
+        if (message.type === "exec") {
+            postAsyncResponse(message.id, execScript(message.payload.executionId, message.id, message.payload.code, message.payload.options, message.payload.captureStdio));
+            return;
+        }
+        if (message.type === "run") {
+            postAsyncResponse(message.id, runScript(message.payload.executionId, message.id, message.payload.code, message.payload.filePath, message.payload.captureStdio));
+            return;
+        }
+        if (message.type === "signal") {
+            const signal = Number(message.payload.signal);
+            const resolveSignal = pendingExecutionSignals.get(message.payload.executionId);
+            if (resolveSignal && Number.isInteger(signal)) {
+                resolveSignal(signal);
+            }
+            return;
+        }
+        if (message.type === "extension") {
+            const error = new Error(`Browser worker extension dispatch is not implemented for namespace ${message.payload.namespace}`);
+            error.code = "ERR_SECURE_EXEC_BROWSER_EXTENSION_UNSUPPORTED";
+            throw error;
+        }
+        if (message.type === "dispose") {
+            postResponse({
+                type: "response",
+                id: message.id,
+                ok: true,
+                result: true,
+            });
+            close();
+        }
+    }
+    catch (err) {
+        const error = err;
+        postResponse({
+            type: "response",
+            id: message.id,
+            ok: false,
+            error: {
+                message: error?.message ?? String(err),
+                stack: error?.stack,
+                code: error?.code,
+            },
+        });
+    }
+};