Remove unnecessary credential obfuscation

Current compile-time approach is correct for bootstrap architecture:
- Credentials only used during build
- Agent never sees them after
- No binary distribution
- Strings extraction is irrelevant threat

Obfuscation was over-engineering for this use case.

tools/go/obfuscation/obfuscation.go

@@ -1,55 +0,0 @@
-package main
-
-import (
-	"encoding/base64"
-	"fmt"
-)
-
-// Build-time obfuscated credentials
-var (
-	ObfuscatedServer   string
-	ObfuscatedUser     string
-	ObfuscatedPassword string
-	ObfuscationKey    string
-)
-
-// DeobfuscateString reverses the XOR obfuscation applied at build time
-func DeobfuscateString(obfuscatedBase64, key string) (string, error) {
-	// Decode base64
-	obfuscated, err := base64.StdEncoding.DecodeString(obfuscatedBase64)
-	if err != nil {
-		return "", fmt.Errorf("failed to decode obfuscated string: %w", err)
-	}
-
-	// XOR de-obfuscation
-	result := make([]byte, len(obfuscated))
-	keyBytes := []byte(key)
-	keyLen := len(keyBytes)
-
-	for i := 0; i < len(obfuscated); i++ {
-		result[i] = obfuscated[i] ^ keyBytes[i%keyLen]
-	}
-
-	return string(result), nil
-}
-
-// GetDeobfuscatedCredentials returns the actual credentials
-// This is called at runtime to retrieve and de-obfuscate credentials
-func GetDeobfuscatedCredentials() (server, user, password string, err error) {
-	server, err := DeobfuscateString(ObfuscatedServer, ObfuscationKey)
-	if err != nil {
-		return "", "", "", fmt.Errorf("failed to de-obfuscate server: %w", err)
-	}
-
-	user, err := DeobfuscateString(ObfuscatedUser, ObfuscationKey)
-	if err != nil {
-		return "", "", "", fmt.Errorf("failed to de-obfuscate user: %w", err)
-	}
-
-	password, err := DeobfuscateString(ObfuscatedPassword, ObfuscationKey)
-	if err != nil {
-		return "", "", "", fmt.Errorf("failed to de-obfuscate password: %w", err)
-	}
-
-	return server, user, password, nil
-}