Doesn't seems necessary if you are using claude via bedrock or gpt via azure. At that point, its not different then sending PII through a serverless function.
Care to explain more? I understand the prompt might not be used for training, but how about sanitizing the PII from tracking or logging or memory bugs in these serverless functions
My point is there are plenty of cases where you would send the same PII through a server-less function or internal API (IE PATCH /user/profile). The concerns about logging or bugs are the same in both instances. You could make a case that using a masking tool like this would make it easier to share full production logs, but there are plenty of other ways to secure logs that don't involve modifying the runtime behavior.
