AI-Assisted Inspection

Connect the Metadata Inspector to your AI assistant and query .NET assemblies in plain English.

What Is This?

The Demeanor Metadata Inspector includes an MCP server that lets AI assistants like Claude Code, Claude Desktop, Cursor, and Windsurf directly inspect your .NET assemblies. Instead of learning command-line syntax, you ask your AI assistant questions in plain English — it calls the inspector behind the scenes and gives you answers in context.

MCP (Model Context Protocol) is an open standard by Anthropic that lets AI assistants call external tools. The inspector becomes a tool in your AI's toolbox — one it can call whenever you ask about assembly metadata, obfuscation results, or pre-obfuscation audits.

Setup

Claude Code

Add the inspector to your project's MCP configuration:

// .claude/mcp.json (in your project root)
{
  "mcpServers": {
    "inspect": {
      "command": "inspect",
      "args": ["--mcp"]
    }
  }
}

That's it. Every Claude Code session in this project now has access to the inspector tools.

Claude Desktop

Add to your Claude Desktop configuration:

// claude_desktop_config.json
{
  "mcpServers": {
    "inspect": {
      "command": "inspect",
      "args": ["--mcp"]
    }
  }
}

On macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
On Windows: %APPDATA%\Claude\claude_desktop_config.json

Other MCP Clients

Any MCP-compatible tool (Cursor, Windsurf, etc.) can connect using the stdio transport. The command is inspect --mcp.

How It Works

Your AI assistant starts the inspector as a local child process on your machine.
The assistant and inspector communicate over stdin/stdout using JSON-RPC.
When you ask a question about an assembly, the assistant calls the appropriate inspector tool.
The inspector loads the assembly, runs the query, and returns results.
The assistant reads the results and gives you a contextual answer.

Everything is local. No assembly data leaves your machine. No API keys are needed beyond your existing AI subscription. The inspector runs as a standard process on your workstation.

What You Can Ask

You don't need to learn the inspector's query language. Just ask your AI assistant in natural language. It knows the tools and constructs the right calls.

Pre-obfuscation audit

"I'm about to obfuscate MyApp.dll. What should I exclude?"

The assistant inspects your assembly for serializable types, data-bound properties, reflection usage, and public API surfaces, then recommends specific --exclude rules.

Post-obfuscation verification

"Compare the original and obfuscated assemblies — did obfuscation preserve everything it should?"

The assistant compares both assemblies, checks that [JsonSerializable] types kept their property names, verifies [Parameter] Blazor properties survived, and flags anything unexpected.

Debugging obfuscation issues

"After obfuscation I get a JsonException about property name collision. What went wrong?"

The assistant examines the obfuscated assembly's type structure, identifies which original type was renamed, finds the conflicting properties, and suggests the fix.

Understanding assembly structure

"What types implement IHostedService in this assembly?"

Direct metadata query — the assistant calls inspect_types with an interface filter and reports the results.

Auditing for specific patterns

"Show me all types with [JsonSerializable] attributes and list their properties"

The assistant queries attributes, then drills into each matching type's properties — multiple tool calls composed into one coherent answer.

Available Tools

The MCP server exposes 9 tools that the AI assistant can call. You never need to call these directly — the assistant picks the right tool for your question.

Tool	Purpose	Key Parameters
`inspect_summary`	Assembly overview: name, version, row counts	`assembly`
`inspect_types`	List and filter types	`assembly`, `accessibility`, `namespace`, `baseType`, `implements_`, `hasAttribute`
`inspect_methods`	List and filter methods	`assembly`, `owner`, `returnType`, `parameterType`, `accessibility`, `name`, `isStatic`, `isVirtual`
`inspect_fields`	List and filter fields	`assembly`, `owner`, `fieldType`
`inspect_properties`	List and filter properties	`assembly`, `name`, `propertyType`
`inspect_attributes`	List and filter custom attributes	`assembly`, `name`
`inspect_find`	Search all tables by text	`assembly`, `text`
`inspect_diff`	Compare two assemblies	`assembly_a`, `assembly_b`
`inspect_query`	Advanced structured query (full DSL)	`assembly`, `verb`, `target`, `filters`

Why MCP Instead of a Built-In LLM?

Some tools embed an LLM call behind a "natural language" interface. We chose MCP instead because:

No separate API key. Your existing Claude subscription handles everything. No Anthropic API key to manage, no per-query costs from us.
Full context. Your AI assistant sees the assembly AND your source code, project structure, and conversation history. It can correlate metadata findings with your actual code.
Multi-step reasoning. The assistant can chain multiple inspector calls — query types, then drill into each one's methods, then check attributes — composing a complete analysis from multiple queries.
Works in your IDE. Claude Code runs in VS Code and JetBrains. The inspector tools are available inline while you're editing code, not in a separate terminal window.
No network from the inspector. The MCP server runs locally and never makes network calls. Assembly data stays on your machine.

Example Session

Here's what a real interaction looks like in Claude Code:

You: I'm about to obfuscate bin/Release/net10.0/MyApp.dll with
     Demeanor. Analyze it and tell me what I need to exclude.

Claude: Let me inspect the assembly.
        [calls inspect_types with hasAttribute="JsonSerializable"]
        [calls inspect_types with implements_="INotifyPropertyChanged"]
        [calls inspect_types with hasAttribute="Serializable"]
        [calls inspect_properties with accessibility="public"]

        I found 3 areas to review:

        1. **JSON serialization** — `AppJsonContext` references
           `WeatherForecast` via [JsonSerializable]. Demeanor
           auto-detects this and will preserve its properties.
           No action needed.

        2. **WPF data binding** — `MainViewModel` implements
           INotifyPropertyChanged. Demeanor auto-detects this.
           No action needed.

        3. **Binary serialization** — `LegacySettings` is marked
           [Serializable]. If you persist this to disk, add:
           `--exclude "MyApp.LegacySettings"`

        Everything else is safe to obfuscate with default settings.