Strip operator-private files from sdist + add structural defense

The PII audit run before this publish caught three files that have been
leaking operator-specific paths to PyPI in v2.1.6, v2.1.7, and v2.2.0:

- claude_desktop_config.json (personal Claude Desktop config snapshot)
- mcp-pdf-tools-launcher.sh (obsolete — uvx replaces it)
- mcp-config-example.json (had hardcoded /home/rpm path + old package name)

Fix:
- Delete the personal config and obsolete launcher
- Sanitize the example to use uvx with the [markdown] extra (matches docs)
- Add [tool.hatch.build.targets.sdist] exclude block per
  ~/.claude/rules/python.md to prevent recurrence — covers dev artifacts,
  fixture PDFs, internal architecture notes, and CI scripts

Side benefit: sdist size dropped from 2.4 MB to 304 KB (8× reduction),
mostly from excluding examples/*.pdf and the tests/ fixture PDF.

The /home/rpm leaks in prior versions are not credentials, just operator
paths — not yanking. Going forward the unpacked-sdist grep is mandatory
before each publish.

claude_desktop_config.json

@@ -1,16 +0,0 @@
-{
-  "mcpServers": {
-    "pdf-tools": {
-      "command": "uv",
-      "args": [
-        "--directory",
-        "/home/rpm/claude/mcp-pdf-tools",
-        "run",
-        "mcp-pdf-tools"
-      ],
-      "env": {
-        "PDF_TEMP_DIR": "/tmp/mcp-pdf-processing"
-      }
-    }
-  }
-}

mcp-config-example.json

@@ -1,9 +1,11 @@
 {
   "mcpServers": {
     "pdf-tools": {
-      "command": "uv",
+      "command": "uvx",
-      "args": ["run", "--directory", "/home/rpm/claude/mcp-pdf-tools", "mcp-pdf-tools"],
+      "args": ["--from", "mcp-pdf[markdown]", "mcp-pdf"],
-      "env": {}
+      "env": {
+        "PDF_TEMP_DIR": "/tmp/mcp-pdf-processing"
+      }
     }
   }
-}
+}

mcp-pdf-tools-launcher.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-cd /home/rpm/claude/mcp-pdf-tools
-exec uv run mcp-pdf-tools "$@"

pyproject.toml

@@ -99,6 +99,32 @@ dev = [
 requires = ["hatchling"]
 build-backend = "hatchling.build"
 
+# Keep dev-only artifacts out of the sdist that ships to PyPI.
+# (The PII audit also runs against the unpacked sdist before each publish —
+# see ~/.claude/rules/python.md.)
+[tool.hatch.build.targets.sdist]
+exclude = [
+  "CLAUDE.md",          # operator-private project context
+  ".env", ".env.local", # never ship credentials
+  ".mcp.json",          # contains local filesystem paths
+  ".pytest_cache/",
+  ".ruff_cache/",
+  "build/",
+  "dist/",
+  "examples/page_001.png",
+  "examples/*.pdf",     # demo PDFs are large + not needed by end users
+  "examples/test_demo.*",
+  "tests/CopperSprings_DigitalPortfolio.pdf",  # large fixture PDF
+  "test_security_features.py",
+  "test_integration.py",
+  "MCPMIXIN_*.md",      # internal architecture/migration notes
+  "MCP_DOCX_TOOLS_PLAN.md",
+  "claude-mcp-manager", # personal helper script
+  "run-mcp-server.sh",
+  "docker-compose.yml",
+  "Dockerfile",
+]
+
 [tool.pytest.ini_options]
 asyncio_mode = "auto"
 addopts = "-v --tb=short"