I think I know where you're heading. Patchmanager modifies files which I can check afterwards to be in place and doing what it was meant for. Checking can happen even in an environment like a recovery shell. Prepatch is injected into file system calls. You say yourself "be sure to turn off this patch or that" to actually copy the correct file. So if you want to be sure a patch does not contain malicious parts, you have to check that either before installing, or it has to happen in a recovery shell where the prepatch is not loaded. Otherwise you can't be sure while prepatch is active, because if someone wants to add malicious code, he just needs to also cover any file requests regarding his files with something innocent using the same architecture.