Auditing Your Own Code for Required Reason API Declarations with Claude Code
Required reason codes in PrivacyInfo.xcprivacy apply to your own code, not just third-party SDKs. After a wallpaper app of mine was rejected, here is the Claude Code workflow I use to scan Swift sources and match APIs to reason codes before submission.
PII Masking for Claude API Lives or Dies on the Ledger — Restore, Encrypt, Measure
The hard part of masking PII before Claude API isn't detection — it's operating the token ledger you restore from. Encrypted storage, multi-instance sharing, and a daily leak-rate loop, with working code.
Before You Send Reviews and Crash Logs to the Claude API: A Reversible PII Masking Design
When you run App Store reviews and Crashlytics logs through the Claude API, the personal data buried in the text is unavoidable. Here is a reversible masking design that lets you trace the model's output back to the real record, plus the pitfalls I hit in production, with code.
What metadata.user_id in the Claude API Is Actually For — Designing the Abuse-Detection vs. Privacy Trade-off
The metadata.user_id field in the Messages API exists to sharpen abuse detection, but sending raw email addresses creates a privacy problem. Here is the HMAC-based stable pseudo-ID pattern I use, plus a clear set of rules for when to send it and when not to.