The Asus C101PA is based on a Rockchip RK3399. These have a "maskrom mode", where if the SPI EEPROM is disabled, the chip will attempt to boot from other devices: first, NAND flash, then microSD, and then finally a USB debug mode where you can attach a A-A cable and use the rkflashtool utility to manipulate the firmware.

So, quickly going from theory to practice, let's make a SPI ROM cutoff button:

The SPI EEPROM, labeled with pinout.

Let's make a toggle:

#CS is an active-low chip select. Button will short it to the chip's supply rail when pressed.

Button.

The button, again.

Now, according to the theory, booting up the box with the toggle held down, will send the RK3399 to look for the boot signature on the eMMC NAND; given as it will not find it there, it will then search the SD card, if inserted, and go into USB debug mode if this fails.

However, turns out: "мазать уже можно, есть пока нельзя": the box indeed boots with black screen and running light active, if booted with the switch held down. But -- it ignores a valid firmware image (copied from SPI ROM) on the SD card, and none of the 3 USB ports (either of the two USB-C ports, or the conventional USB3 A-connector, when A-A cable with PC is used) switches into debug mode. The box can be reset with the magic two-finger salute (powerswitch plus "refresh" key) and reboots normally, if switch is released. But nothing useful happened, evidently, from disabling the SPI EEPROM...

So, what gives? If you, dear reader, know -- please write in!

Edit: somebody seems to know something...