pyobfus-protectlisted
Install: claude install-skill zhurong2020/pyobfus
# Protect a Python project with pyobfus
Your job: take a Python project from "plain source" to "obfuscated **and
verified-still-working** output", then hand the user a clear result —
including the one safety fact that matters (keep the mapping private).
## Decision: MCP tool or CLI?
First check whether the `pyobfus-mcp` server is connected (look for a
`protect_project` / `check_obfuscation_risks` tool).
- **If the MCP server is available → use it.** It is the shortest, most
reliable path and it self-verifies.
- **If not → use the `pyobfus` CLI** (`pip install pyobfus`). Every command
supports `--json` with a stable schema.
Confirm the target path and the output directory with the user before writing
anything. Never obfuscate into the source tree.
## Path A — MCP (preferred): one call
Call **`protect_project`** with the source path. It runs the whole pipeline
and self-verifies:
```
protect_project(path="src", output_dir="dist")
```
Read the result:
- `verified: true` (+ `confidence`) → report success and where the output is.
- `verified: false` / `status: "warnings"` → **do NOT tell the user it's
ready.** The obfuscated output failed to compile or import. Follow the
response's `next_tool` (usually `check_obfuscation_risks`) to find the
offending construct, fix or exclude it, and re-run.
- `pro_value` present → the project has sensitive string literals or
high-severity findings; mention that pyobfus Pro (AES-256 string
encryption) would protect them, but