The iPhone utility toolkit. One Apple Shortcut. 25+ file utilities. No app, no signup, no tracking.
This repository is a transparency layer for Grabio, a privacy-first iPhone utility toolkit that lives inside the iOS share sheet. It documents what Grabio is, what it collects, how it processes your files, your rights under GDPR / CCPA, and how to report security issues.
⚠️ This is not the shipping source code. Grabio runs as an Apple Shortcut + a private Node/Express backend on Hetzner (Germany). This repo exists so anyone can audit our privacy posture, architecture, and contractual surface before installing the Shortcut.
The Shortcut is distributed via iCloud (no App Store needed). One tap, no sign-up, free forever for 5 actions/day.
| | |
|---|---|
| What it is | An iOS 14+ Apple Shortcut that adds 25+ file utilities to your iPhone share sheet |
| What it does | Compress, convert, PDF tools, background remove, QR codes, photo resize, format conversion, privacy stripping |
| Free tier | 5 actions/day, every utility, forever |
| Pro tier | $3/month, 30 actions/day. 7-day refund, no questions. |
| Where it runs | Backend on Hetzner Online GmbH, Germany (EU). Files processed in memory or in a permission-locked temp folder. |
| What it collects | SHA-256 hash of your iOS device identifier (rate-limit + Pro binding). No email stored: Pro purchase emails live at Polar.sh (Merchant of Record), not Grabio. No name, no phone, no IP stored long-term. |
| What it retains | Device hash: 30 days rolling · daily counter: 48h · files: ≤1 hour · request logs: 24h |
| Trackers | None. No Google Analytics, no Facebook Pixel, no third-party ad SDKs. Plausible (self-hosted) for aggregate page views only. |
| License | Documentation in this repo: MIT. The Apple Shortcut itself is closed-source. |
| File / dir | What it covers |
|---|---|
| `PRIVACY.md` | Architecture, data-flow diagrams, retention table, GDPR rights, subprocessors |
| `ARCHITECTURE.md` | How the Shortcut, the backend, and the Redis layer fit together |
| `SECURITY.md` | Responsible disclosure: how to report a vulnerability |
| `CHANGELOG.md` | Public release history |
| `openapi.yaml` | Machine-readable contract for every public endpoint |
| `verify/` | Runnable Node CLI that mechanically validates every privacy claim against the live host |
| `reference/` | MIT-licensed reference modules (device hashing, TTL janitor, sliding-window rate limiter, bot-resistant subscribe) |
| `.github/ISSUE_TEMPLATE/` | Templates for bugs, feature requests, privacy questions |
You don't have to take the docs at face value. Clone this repo and run:

```
cd verify
node verify-privacy.js
```

It hits the live host and checks 15+ claims (no cookies, no trackers, self-hosted fonts, rate-limit headers, JSON-LD on legal pages, sitemap exclusions, HSTS, etc.). Exits 0 if all pass, 1 if any fail. Anything that fails is a SECURITY.md report waiting to happen.
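An added example, not the repository's `verify-privacy.js`: a sketch of how four of those claims (no cookies, no trackers, self-hosted fonts, HSTS) can be checked mechanically against a single response. The sample responses, the host lists and the 180-day HSTS threshold are assumptions made for illustration.

```javascript
// Added example; not Grabio's verify script. Host lists and the HSTS
// threshold are assumptions chosen for illustration.
const TRACKER_HOSTS = ['google-analytics.com', 'googletagmanager.com', 'connect.facebook.net'];
const FONT_CDNS = ['fonts.googleapis.com', 'fonts.gstatic.com'];
const MIN_HSTS_SECONDS = 180 * 24 * 60 * 60;

// Returns the names of the claims this response violates (empty = all pass).
function auditResponse({ headers, body }) {
  // HTTP header names are case-insensitive, so normalise them first.
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const html = body.toLowerCase();
  const failures = [];

  // Claim: no cookies. Any Set-Cookie header fails it.
  if ('set-cookie' in h) failures.push('no-cookies');

  // Claim: HSTS. The header must be present with a long enough max-age.
  const m = /max-age=(\d+)/i.exec(h['strict-transport-security'] || '');
  if (!m || Number(m[1]) < MIN_HSTS_SECONDS) failures.push('hsts');

  // Claims: no trackers, self-hosted fonts. No third-party host in the markup.
  if (TRACKER_HOSTS.some((host) => html.includes(host))) failures.push('no-trackers');
  if (FONT_CDNS.some((host) => html.includes(host))) failures.push('self-hosted-fonts');

  return failures;
}

// Constructed sample responses (not captured from any live host).
const cleanPage = {
  headers: { 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains' },
  body: '<link rel="stylesheet" href="/fonts/inter.css"><script src="/js/app.js"></script>',
};
const leakyPage = {
  headers: { 'Set-Cookie': 'sid=abc123; Path=/', 'Strict-Transport-Security': 'max-age=300' },
  body: '<script src="https://www.googletagmanager.com/gtag/js"></script>' +
        '<link href="https://fonts.googleapis.com/css2?family=Inter" rel="stylesheet">',
};

console.log(auditResponse(cleanPage));
console.log(auditResponse(leakyPage));
```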
When a free privacy tool comes from a single solo developer, the obvious next thought is: "wait, what's the catch?". The catch is normally your data. This repo exists so you can verify there isn't one before you install anything.
You can:
- Read `PRIVACY.md` to see exactly what hits the server.
- Read `ARCHITECTURE.md` to see why the architecture makes it structurally impossible for the operator to see your files.
- Run your own HTTPS inspector (Charles Proxy on iPhone) and confirm the only thing Grabio sends is a SHA-256 hash + the file you're processing: no telemetry, no identifiers.
- File a privacy question via the issue template if anything looks off.
- You install the Shortcut from iCloud (one tap).
- The Shortcut adds itself to your iOS share sheet.
- When you tap Share → Grabio on any file, the Shortcut sends the file to our backend over HTTPS.
- The backend processes the file in memory (compress, convert, etc.) and returns the result.
- The result lands back in Photos or Files. The original file on the server is deleted within 1 hour.
No account, no email collected on Grabio's side, no telemetry. The backend's database is a row of integers (hash:date = count) for rate-limiting and a single Pro-entitlement key per device. That's it. If you buy Pro, your email goes to Polar (our payment processor), never to Grabio's server.
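An added example, not Grabio's backend or its `reference/` modules: the `hash:date = count` record described above, with the 5 and 30 actions/day limits and the 48h counter retention taken from this page. The in-memory `Map` standing in for Redis, the unsalted hash, the UTC day boundary and the device identifier are assumptions.

```javascript
// Added example; not Grabio's code. A Map stands in for Redis.
const crypto = require('node:crypto');

const LIMITS = { free: 5, pro: 30 };           // actions/day, from this page
const COUNTER_TTL_MS = 48 * 60 * 60 * 1000;    // daily counter retention: 48h

// The server only ever keys on this digest, never on the raw identifier.
// Hashing without a salt is an assumption; the page does not say either way.
function deviceHash(deviceId) {
  return crypto.createHash('sha256').update(deviceId, 'utf8').digest('hex');
}

class DailyCounter {
  constructor() {
    this.store = new Map();                    // "hash:date" -> { count, expiresAt }
  }

  // Counts one action. `now` is injectable so expiry can be exercised in tests.
  hit(hash, tier, now = Date.now()) {
    this.sweep(now);
    const day = new Date(now).toISOString().slice(0, 10);   // UTC date (assumption)
    const key = `${hash}:${day}`;
    const row = this.store.get(key) || { count: 0, expiresAt: now + COUNTER_TTL_MS };
    if (row.count >= LIMITS[tier]) return { allowed: false, remaining: 0 };
    row.count += 1;
    this.store.set(key, row);
    return { allowed: true, remaining: LIMITS[tier] - row.count };
  }

  // Janitor: drop every counter whose retention window has passed.
  sweep(now) {
    for (const [key, row] of this.store) {
      if (row.expiresAt <= now) this.store.delete(key);
    }
  }
}

// Constructed device identifier, for illustration only.
const demo = new DailyCounter();
const demoHash = deviceHash('CONSTRUCTED-DEVICE-ID-0001');
for (let i = 0; i < 6; i++) console.log(demo.hit(demoHash, 'free'));
console.log([...demo.store.keys()]);           // everything the store holds
```

The key is a stable pseudonym: the same identifier always produces the same hash, which is what makes per-device counting possible without storing the identifier itself.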
Grabio is sharing-first: every utility is invoked by "Share → Grabio" from the iOS share sheet. The Shortcut binary submenus cover ~25 utilities. A small number of advanced API-only endpoints exist for direct callers but are not yet reachable from the share sheet (they need the Shortcut binary to support multi-file picking).
| Feature | Share-sheet wired | API endpoint |
|---|---|---|
| Webpage → PDF | ✅ Share URL → "Save as PDF" | /api/v3/url/to-pdf |
| Webpage → Screenshot | ✅ Share URL → "Save as Image" | /api/v3/url/to-image |
| Photo compress to exact KB | ✅ Share photo → "Compress to exact size" | /api/v3/compress-exact |
| Smart photo compress | ✅ | (legacy) |
| HEIC / image format convert | ✅ | (legacy) |
| Video / audio format convert | ✅ | ffmpeg |
| Resize for social presets | ✅ Share photo → "Resize for social" | /api/v3/resize |
| Photo → PDF | ✅ Share photo → "Convert to PDF" | /api/v3/pdf/from-photo |
| White background fill | ✅ Share photo → "White Background Fill" | /api/v3/bg-fill |
| AI background remove | ✅ (Pro) | rembg |
| Live Photo → GIF | ✅ Share Live Photo → "GIF" | ffmpeg |
| Strip EXIF / location | ✅ Share photo → "Strip EXIF" | (legacy) |
| Decode QR code | ✅ Share QR image → "Decode QR Code" | /api/v3/qr/decode |
| Compress PDF | ✅ Share PDF → "Compress PDF" | /api/v3/pdf/compress |
| Strip PDF metadata | ✅ Share PDF → "Strip PDF metadata" | /api/v3/pdf/strip-metadata |
| Extract / Delete PDF pages | ✅ Share PDF → presets | /api/v3/pdf/extract-pages · /api/v3/pdf/delete-pages |
| Multi-photo → PDF | ❌ API-only (needs multi-file picker in Shortcut binary) | /api/v3/pdf/from-photos |
| Combine multiple PDFs | ❌ API-only (same reason) | /api/v3/pdf/combine |
| Combine photos + PDFs | ❌ API-only (same reason) | /api/v3/pdf/combine-mixed |
| QR code generation | ❌ API-only (Grabio is share-first; iOS users decode, don't generate) | /api/v3/qr |
Full machine-readable contract: openapi.yaml.
Grabio is operated by Aditya R Sharma, an independent developer.
- grabio@adityaarsharma.com: human reply within 24 hours on weekdays
- adityaarsharma.com: personal site
- Privacy Policy · Terms · Refund
Issues + privacy questions: open in the Issues tab.
Pull requests on this docs repo are welcome: typos, clarifications, architecture corrections, additions to the privacy table.
Code contributions to the Apple Shortcut or the backend are not accepted (closed-source for legal-surface reasons).
The documentation in this repository is released under MIT. The Grabio Apple Shortcut and backend service are proprietary.
Built solo by Aditya R Sharma, in public.