fix: third-party API user_id validation error (DeepSeek, etc.)

When ANTHROPIC_BASE_URL points to a non-Anthropic endpoint (e.g.
DeepSeek), the JSON-formatted user_id containing {, ", : characters
fails validation against ^[a-zA-Z0-9_-]+$. Send only the hex device_id
for third-party providers.

src/services/api/claude.ts

@@ -509,10 +509,30 @@ export function getAPIMetadata() {
     }
   }
 
+  const deviceId = getOrCreateUserID()
+
+  // Third-party API providers (DeepSeek, etc.) validate user_id against
+  // ^[a-zA-Z0-9_-]+$ which rejects JSON strings containing {, ", :, etc.
+  // When using a non-Anthropic base URL, send only the device_id (hex string).
+  const baseUrl = process.env.ANTHROPIC_BASE_URL
+  const isThirdParty =
+    baseUrl &&
+    (() => {
+      try {
+        return new URL(baseUrl).host !== 'api.anthropic.com'
+      } catch {
+        return false
+      }
+    })()
+
+  if (isThirdParty) {
+    return { user_id: deviceId }
+  }
+
   return {
     user_id: jsonStringify({
       ...extra,
-      device_id: getOrCreateUserID(),
+      device_id: deviceId,
       // Only include OAuth account UUID when actively using OAuth authentication
       account_uuid: getOauthAccountInfo()?.accountUuid ?? '',
       session_id: getSessionId(),