@ilspy this is something I think #dotnet devs should take seriously. Reading dotnet assemblies to look for vulnerabilities has been a question of skill and motivation. Why spend time doing it if it's just for an internal app? But it's no sweat for a coding agent to look at how a client assembly makes requests to a service and write its own version in another language. Or accidentally turn off monitoring or bypass insecure licensing.

Either obfuscate or consider yourself "source open".