I need to protect attended bot uipath package with an password although users should be able to run the package but cannot extract the package to edit the code.
Please help me.
To protect rogue scripts from running on UiPath Robot you should published the bot with a digital certificate. The file nuget.config should also be configured to match the digital fingerprint of your digital certificate. The file nuget.config should be protected from user access.
If users edit your attended bot uipath package, it needs to be re-published with the digital certificate. Please see UiPath official documentation here for details.
There are still ways to bypass this security feature if you know how… you may also want to consider using Windows File Encryption System.