OPTIONAL · FOR CUSTOMERS WHO ALREADY USE AN AI ASSISTANT

Drive Demeanor from your AI assistant. (Optional.)

Demeanor’s audit is the intelligence — it reads your compiled assemblies, recognizes framework patterns, and names the specific fix for anything risky. This page is optional reading. Every capability described here also runs from the standalone CLI documented in Getting Started. Customers who already use an MCP-capable assistant — Claude Code, Claude Desktop, Cursor, Windsurf, Continue.dev, or a VS Code MCP extension — can drive the same audit as a chat. The conversation produces durable artifacts — rules and decisions that live in your repo and replay on every subsequent audit, including in CI with no AI in the pipeline.

Requires your own Claude subscription — not included with Demeanor. Any other MCP-capable assistant drives the same workflow with its own subscription.

Buy Enterprise See a conversation in full Start with the CLI
WHO DOES WHAT

Demeanor analyzes. The assistant relays. You decide.

Every .NET app has its own reflection, serialization, and framework quirks. Demeanor’s audit recognizes those patterns, classifies each finding, and recommends the fix — that work is done by Demeanor itself, whether you read the report in a terminal or have an assistant read it back to you. The catalog of patterns Demeanor recognizes is the product of 26 years of customer feedback. The AI integration is what lets you contribute the 27th year’s patterns yourself, in conversation, without writing XML.

What Demeanor does

  • Reads your compiled assemblies and recognizes known framework patterns
  • Classifies each finding: auto-protected, code-quality advisory, or required change
  • Names the specific fix — [Obfuscation] attribute, CLI flag, or source-level code change — with file and line
  • Applies the protection suite: renaming, string and constants encryption, resource encryption, control-flow obfuscation, call hiding, anti-tamper, anti-debug

What the assistant does

  • Calls into Demeanor’s opt-in MCP server on your behalf
  • Reads the audit output and relays findings in conversation
  • Reads your source files so the conversation references real file and line numbers
  • Proposes the fix Demeanor recommended and waits for your go-ahead
  • Once you approve, edits the source file and re-runs the audit to prove the fix

What you do

  • Read the findings — either in the terminal or as chat
  • Decide which fix fits your app
  • Accept, reject, or edit each proposed change before it’s written
  • Review the dry-run; approve the final obfuscation
  • Ship with confidence — CI runs Demeanor unattended, no AI in the build pipeline
BRING YOUR OWN LLM

No AI cost from us. Use the subscription you already have.

Demeanor doesn’t ship an LLM, doesn’t bill for AI usage, and isn’t locked to one provider. The MCP server speaks to whatever MCP-capable assistant you already use — Claude Code, Claude Desktop, Cursor, Windsurf, Continue.dev, a VS Code MCP extension, or any future MCP client. Your AI subscription handles the LLM cost; Demeanor adds nothing on top of it.

If your team standardised on Claude six months ago and Cursor six months from now, Demeanor follows you across — the rules and decisions in your repo are the same JSON either client reads. No vendor lock-in on the AI side, no migration project when you change clients, no AI line item on the Demeanor invoice.

WHAT THE CONVERSATION LEAVES BEHIND

Conversation → promoted rule → CI runs forever

The audit isn’t the destination — the destination is a build that runs unattended on every commit. The conversational workflow gets you there by turning one-off decisions into durable artifacts in your repo.

1

Standalone audit, fully

The audit is a CLI command. It runs on its own using Demeanor’s built-in rule set — no AI subscription, no MCP client, no LLM involvement. This path is sufficient for shipping protected code; it is the canonical path.

2

Optional conversational relay

If you already use an MCP-capable assistant, the assistant calls into Demeanor and relays findings against your source. You decide; the assistant proposes the fix Demeanor recommended; nothing is written without your approval.

3

Decisions become rules

When your decision generalises, the assistant offers to capture it as a project rule in .demeanor/patterns/. The file lives in your repo. Every subsequent audit — including CI — reads it and applies it without anyone in the loop.

Most AI tooling stops at beat 2. The conversation is the product, the chat history is where everything lives, and turning the assistant off resets the team to zero. Demeanor’s loop is engineered so beat 3 is the point: the artifact in the repo is what compounds, and CI never needs an assistant. See Decisions & CI →

SECOND MCP SURFACE

Inspector’s MCP — for assembly inspection.

Demeanor’s MCP server (above) drives the obfuscation audit and policy authoring. The companion Metadata Inspector ships its own MCP server for assembly-inspection workflows. Same shape: runs locally over stdio, registers once with your MCP-capable assistant — Claude Code, Claude Desktop, Cursor, Windsurf, Continue.dev — and the assistant drives Inspector queries in conversation. No assembly data leaves your machine.

Inspector’s MCP lets your assistant answer the kinds of questions that come up while you’re reasoning about obfuscation output — “what types in this assembly implement IDisposable?”, “diff these two builds and tell me what was renamed,” or “which methods take a CancellationToken?” The assistant calls into Inspector under the hood; the assembly never leaves your machine.

Inspector’s MCP server is part of the Inspector Enterprise feature set; the basic Inspector REPL and one-shot commands are free and require no license key. The same Demeanor Enterprise license key that unlocks Demeanor Enterprise also unlocks Inspector’s MCP server — one key, two products. Inspector MCP setup →

Requires your own Claude subscription — not included with Demeanor. Any other MCP-capable assistant works the same way with its own subscription.

SEE IT IN ACTION

What a conversational audit looks like

For a full 13-turn walkthrough over a real ASP.NET Core sample — verbatim audit output and both code fixes applied — see the CatalogService walkthrough.

SAME CAPABILITY, TWO SURFACES

Terminal or chat — both do the same thing

Every task below is fully supported on the CLI. The conversational column is not a different feature set — it is the same Demeanor commands, sequenced by your MCP-capable assistant, with the findings explained in prose instead of a terminal table.

Task Standalone CLI (primary) Conversational (optional)
Audit demeanor audit prints a readable report; you read it Assistant relays each finding against your source; you decide
Configure demeanor init wizard asks Y/N questions Assistant lays out the tradeoffs Demeanor identified; you choose; assistant writes the config
Debug crash demeanor deobfuscate maps the names; you investigate Assistant calls deobfuscate, reads your source, proposes a root cause
CI failure demeanor audit + report show what changed Assistant diffs the reports and explains the delta in prose
Exclusion rules demeanor validate-exclusions confirms the rule coverage Assistant explains the rule syntax and what your proposed rule will cover
New pattern Audit flags it; read the docs or open an issue Assistant recognizes it in conversation and recommends the next step

For the full obfuscator-vs-obfuscator comparison, see /compare.

IF YOU WANT THE CONVERSATIONAL WORKFLOW

Setup in 60 seconds

If you do not use an MCP-capable assistant, you can skip this entire page — install Demeanor per Getting Started and run demeanor audit. The steps below are only for customers who already have Claude Code, Claude Desktop, Cursor, Windsurf, or another MCP client installed and want to drive the audit conversationally.

1. Install Demeanor (one command)

dotnet tool install -g WiseOwl.Demeanor

.NET global tool. Installs demeanor and inspector on PATH. On first invocation, demeanor detects a supported MCP client (if present) and registers itself as an MCP server in its configuration — you do not have to edit any JSON. If no MCP client is installed, the bootstrap skips the registration silently; it can be re-run any time.

2. Set your license key

export DEMEANOR_LICENSE="your-enterprise-key"

3. Open your project in the assistant and ask to obfuscate

From your project root, open a conversation in your MCP-capable assistant. If your assistant is Claude Code, a pre-installed skill exposes the workflow as a slash command:

cd path/to/your/project
claude
> /obfuscate

The assistant runs Demeanor’s audit, relays the findings, and waits for your decisions. For other MCP clients, ask the assistant to audit the assembly — it will call through the MCP server.

Buy Enterprise
Most .NET obfuscators require your developers to learn a configuration language, manually identify reflection risks, and debug obfuscated failures through trial and error. That expertise takes weeks to build and leaves with the engineer who built it.

Demeanor’s audit is what fixes that — and it is a standalone command-line tool with a readable report. For customers who already use an MCP-capable AI assistant, the same audit runs as a chat, with the assistant proposing and applying the fixes Demeanor recommends. Either way, you remain in control. Demeanor does the analysis; the assistant (if you use one) is a conversational interface. The resulting build configuration runs unattended in CI — no ongoing AI dependency in the pipeline, no mystery.
Buy Enterprise Start with the CLI