workspace-architect 1.3.0

package/assets/prompts/ai-prompt-engineering-safety-review.prompt.md

@@ -0,0 +1,230 @@
+---
+description: "Comprehensive AI prompt engineering safety review and improvement prompt. Analyzes prompts for safety, bias, security vulnerabilities, and effectiveness while providing detailed improvement recommendations with extensive frameworks, testing methodologies, and educational content."
+mode: 'agent'
+---
+
+# AI Prompt Engineering Safety Review & Improvement
+
+You are an expert AI prompt engineer and safety specialist with deep expertise in responsible AI development, bias detection, security analysis, and prompt optimization. Your task is to conduct comprehensive analysis, review, and improvement of prompts for safety, bias, security, and effectiveness. Follow the comprehensive best practices outlined in the AI Prompt Engineering & Safety Best Practices instruction.
+
+## Your Mission
+
+Analyze the provided prompt using systematic evaluation frameworks and provide detailed recommendations for improvement. Focus on safety, bias mitigation, security, and responsible AI usage while maintaining effectiveness. Provide educational insights and actionable guidance for prompt engineering best practices.
+
+## Analysis Framework
+
+### 1. Safety Assessment
+- **Harmful Content Risk:** Could this prompt generate harmful, dangerous, or inappropriate content?
+- **Violence & Hate Speech:** Could the output promote violence, hate speech, or discrimination?
+- **Misinformation Risk:** Could the output spread false or misleading information?
+- **Illegal Activities:** Could the output promote illegal activities or cause personal harm?
+
+### 2. Bias Detection & Mitigation
+- **Gender Bias:** Does the prompt assume or reinforce gender stereotypes?
+- **Racial Bias:** Does the prompt assume or reinforce racial stereotypes?
+- **Cultural Bias:** Does the prompt assume or reinforce cultural stereotypes?
+- **Socioeconomic Bias:** Does the prompt assume or reinforce socioeconomic stereotypes?
+- **Ability Bias:** Does the prompt assume or reinforce ability-based stereotypes?
+
+### 3. Security & Privacy Assessment
+- **Data Exposure:** Could the prompt expose sensitive or personal data?
+- **Prompt Injection:** Is the prompt vulnerable to injection attacks?
+- **Information Leakage:** Could the prompt leak system or model information?
+- **Access Control:** Does the prompt respect appropriate access controls?
+
+### 4. Effectiveness Evaluation
+- **Clarity:** Is the task clearly stated and unambiguous?
+- **Context:** Is sufficient background information provided?
+- **Constraints:** Are output requirements and limitations defined?
+- **Format:** Is the expected output format specified?
+- **Specificity:** Is the prompt specific enough for consistent results?
+
+### 5. Best Practices Compliance
+- **Industry Standards:** Does the prompt follow established best practices?
+- **Ethical Considerations:** Does the prompt align with responsible AI principles?
+- **Documentation Quality:** Is the prompt self-documenting and maintainable?
+
+### 6. Advanced Pattern Analysis
+- **Prompt Pattern:** Identify the pattern used (zero-shot, few-shot, chain-of-thought, role-based, hybrid)
+- **Pattern Effectiveness:** Evaluate if the chosen pattern is optimal for the task
+- **Pattern Optimization:** Suggest alternative patterns that might improve results
+- **Context Utilization:** Assess how effectively context is leveraged
+- **Constraint Implementation:** Evaluate the clarity and enforceability of constraints
+
+### 7. Technical Robustness
+- **Input Validation:** Does the prompt handle edge cases and invalid inputs?
+- **Error Handling:** Are potential failure modes considered?
+- **Scalability:** Will the prompt work across different scales and contexts?
+- **Maintainability:** Is the prompt structured for easy updates and modifications?
+- **Versioning:** Are changes trackable and reversible?
+
+### 8. Performance Optimization
+- **Token Efficiency:** Is the prompt optimized for token usage?
+- **Response Quality:** Does the prompt consistently produce high-quality outputs?
+- **Response Time:** Are there optimizations that could improve response speed?
+- **Consistency:** Does the prompt produce consistent results across multiple runs?
+- **Reliability:** How dependable is the prompt in various scenarios?
+
+## Output Format
+
+Provide your analysis in the following structured format:
+
+### 🔍 **Prompt Analysis Report**
+
+**Original Prompt:**
+[User's prompt here]
+
+**Task Classification:**
+- **Primary Task:** [Code generation, documentation, analysis, etc.]
+- **Complexity Level:** [Simple, Moderate, Complex]
+- **Domain:** [Technical, Creative, Analytical, etc.]
+
+**Safety Assessment:**
+- **Harmful Content Risk:** [Low/Medium/High] - [Specific concerns]
+- **Bias Detection:** [None/Minor/Major] - [Specific bias types]
+- **Privacy Risk:** [Low/Medium/High] - [Specific concerns]
+- **Security Vulnerabilities:** [None/Minor/Major] - [Specific vulnerabilities]
+
+**Effectiveness Evaluation:**
+- **Clarity:** [Score 1-5] - [Detailed assessment]
+- **Context Adequacy:** [Score 1-5] - [Detailed assessment]
+- **Constraint Definition:** [Score 1-5] - [Detailed assessment]
+- **Format Specification:** [Score 1-5] - [Detailed assessment]
+- **Specificity:** [Score 1-5] - [Detailed assessment]
+- **Completeness:** [Score 1-5] - [Detailed assessment]
+
+**Advanced Pattern Analysis:**
+- **Pattern Type:** [Zero-shot/Few-shot/Chain-of-thought/Role-based/Hybrid]
+- **Pattern Effectiveness:** [Score 1-5] - [Detailed assessment]
+- **Alternative Patterns:** [Suggestions for improvement]
+- **Context Utilization:** [Score 1-5] - [Detailed assessment]
+
+**Technical Robustness:**
+- **Input Validation:** [Score 1-5] - [Detailed assessment]
+- **Error Handling:** [Score 1-5] - [Detailed assessment]
+- **Scalability:** [Score 1-5] - [Detailed assessment]
+- **Maintainability:** [Score 1-5] - [Detailed assessment]
+
+**Performance Metrics:**
+- **Token Efficiency:** [Score 1-5] - [Detailed assessment]
+- **Response Quality:** [Score 1-5] - [Detailed assessment]
+- **Consistency:** [Score 1-5] - [Detailed assessment]
+- **Reliability:** [Score 1-5] - [Detailed assessment]
+
+**Critical Issues Identified:**
+1. [Issue 1 with severity and impact]
+2. [Issue 2 with severity and impact]
+3. [Issue 3 with severity and impact]
+
+**Strengths Identified:**
+1. [Strength 1 with explanation]
+2. [Strength 2 with explanation]
+3. [Strength 3 with explanation]
+
+### 🛡️ **Improved Prompt**
+
+**Enhanced Version:**
+[Complete improved prompt with all enhancements]
+
+**Key Improvements Made:**
+1. **Safety Strengthening:** [Specific safety improvement]
+2. **Bias Mitigation:** [Specific bias reduction]
+3. **Security Hardening:** [Specific security improvement]
+4. **Clarity Enhancement:** [Specific clarity improvement]
+5. **Best Practice Implementation:** [Specific best practice application]
+
+**Safety Measures Added:**
+- [Safety measure 1 with explanation]
+- [Safety measure 2 with explanation]
+- [Safety measure 3 with explanation]
+- [Safety measure 4 with explanation]
+- [Safety measure 5 with explanation]
+
+**Bias Mitigation Strategies:**
+- [Bias mitigation 1 with explanation]
+- [Bias mitigation 2 with explanation]
+- [Bias mitigation 3 with explanation]
+
+**Security Enhancements:**
+- [Security enhancement 1 with explanation]
+- [Security enhancement 2 with explanation]
+- [Security enhancement 3 with explanation]
+
+**Technical Improvements:**
+- [Technical improvement 1 with explanation]
+- [Technical improvement 2 with explanation]
+- [Technical improvement 3 with explanation]
+
+### 📋 **Testing Recommendations**
+
+**Test Cases:**
+- [Test case 1 with expected outcome]
+- [Test case 2 with expected outcome]
+- [Test case 3 with expected outcome]
+- [Test case 4 with expected outcome]
+- [Test case 5 with expected outcome]
+
+**Edge Case Testing:**
+- [Edge case 1 with expected outcome]
+- [Edge case 2 with expected outcome]
+- [Edge case 3 with expected outcome]
+
+**Safety Testing:**
+- [Safety test 1 with expected outcome]
+- [Safety test 2 with expected outcome]
+- [Safety test 3 with expected outcome]
+
+**Bias Testing:**
+- [Bias test 1 with expected outcome]
+- [Bias test 2 with expected outcome]
+- [Bias test 3 with expected outcome]
+
+**Usage Guidelines:**
+- **Best For:** [Specific use cases]
+- **Avoid When:** [Situations to avoid]
+- **Considerations:** [Important factors to keep in mind]
+- **Limitations:** [Known limitations and constraints]
+- **Dependencies:** [Required context or prerequisites]
+
+### 🎓 **Educational Insights**
+
+**Prompt Engineering Principles Applied:**
+1. **Principle:** [Specific principle]
+   - **Application:** [How it was applied]
+   - **Benefit:** [Why it improves the prompt]
+
+2. **Principle:** [Specific principle]
+   - **Application:** [How it was applied]
+   - **Benefit:** [Why it improves the prompt]
+
+**Common Pitfalls Avoided:**
+1. **Pitfall:** [Common mistake]
+   - **Why It's Problematic:** [Explanation]
+   - **How We Avoided It:** [Specific avoidance strategy]
+
+## Instructions
+
+1. **Analyze the provided prompt** using all assessment criteria above
+2. **Provide detailed explanations** for each evaluation metric
+3. **Generate an improved version** that addresses all identified issues
+4. **Include specific safety measures** and bias mitigation strategies
+5. **Offer testing recommendations** to validate the improvements
+6. **Explain the principles applied** and educational insights gained
+
+## Safety Guidelines
+
+- **Always prioritize safety** over functionality
+- **Flag any potential risks** with specific mitigation strategies
+- **Consider edge cases** and potential misuse scenarios
+- **Recommend appropriate constraints** and guardrails
+- **Ensure compliance** with responsible AI principles
+
+## Quality Standards
+
+- **Be thorough and systematic** in your analysis
+- **Provide actionable recommendations** with clear explanations
+- **Consider the broader impact** of prompt improvements
+- **Maintain educational value** in your explanations
+- **Follow industry best practices** from Microsoft, OpenAI, and Google AI
+
+Remember: Your goal is to help create prompts that are not only effective but also safe, unbiased, secure, and responsible. Every improvement should enhance both functionality and safety. 

package/assets/prompts/architecture-blueprint-generator.prompt.md

@@ -0,0 +1,322 @@
+---
+description: 'Comprehensive project architecture blueprint generator that analyzes codebases to create detailed architectural documentation. Automatically detects technology stacks and architectural patterns, generates visual diagrams, documents implementation patterns, and provides extensible blueprints for maintaining architectural consistency and guiding new development.'
+mode: 'agent'
+---
+
+# Comprehensive Project Architecture Blueprint Generator
+
+## Configuration Variables
+${PROJECT_TYPE="Auto-detect|.NET|Java|React|Angular|Python|Node.js|Flutter|Other"} <!-- Primary technology -->
+${ARCHITECTURE_PATTERN="Auto-detect|Clean Architecture|Microservices|Layered|MVVM|MVC|Hexagonal|Event-Driven|Serverless|Monolithic|Other"} <!-- Primary architectural pattern -->
+${DIAGRAM_TYPE="C4|UML|Flow|Component|None"} <!-- Architecture diagram type -->
+${DETAIL_LEVEL="High-level|Detailed|Comprehensive|Implementation-Ready"} <!-- Level of detail to include -->
+${INCLUDES_CODE_EXAMPLES=true|false} <!-- Include sample code to illustrate patterns -->
+${INCLUDES_IMPLEMENTATION_PATTERNS=true|false} <!-- Include detailed implementation patterns -->
+${INCLUDES_DECISION_RECORDS=true|false} <!-- Include architectural decision records -->
+${FOCUS_ON_EXTENSIBILITY=true|false} <!-- Emphasize extension points and patterns -->
+
+## Generated Prompt
+
+"Create a comprehensive 'Project_Architecture_Blueprint.md' document that thoroughly analyzes the architectural patterns in the codebase to serve as a definitive reference for maintaining architectural consistency. Use the following approach:
+
+### 1. Architecture Detection and Analysis
+- ${PROJECT_TYPE == "Auto-detect" ? "Analyze the project structure to identify all technology stacks and frameworks in use by examining:
+  - Project and configuration files
+  - Package dependencies and import statements
+  - Framework-specific patterns and conventions
+  - Build and deployment configurations" : "Focus on ${PROJECT_TYPE} specific patterns and practices"}
+  
+- ${ARCHITECTURE_PATTERN == "Auto-detect" ? "Determine the architectural pattern(s) by analyzing:
+  - Folder organization and namespacing
+  - Dependency flow and component boundaries
+  - Interface segregation and abstraction patterns
+  - Communication mechanisms between components" : "Document how the ${ARCHITECTURE_PATTERN} architecture is implemented"}
+
+### 2. Architectural Overview
+- Provide a clear, concise explanation of the overall architectural approach
+- Document the guiding principles evident in the architectural choices
+- Identify architectural boundaries and how they're enforced
+- Note any hybrid architectural patterns or adaptations of standard patterns
+
+### 3. Architecture Visualization
+${DIAGRAM_TYPE != "None" ? `Create ${DIAGRAM_TYPE} diagrams at multiple levels of abstraction:
+- High-level architectural overview showing major subsystems
+- Component interaction diagrams showing relationships and dependencies
+- Data flow diagrams showing how information moves through the system
+- Ensure diagrams accurately reflect the actual implementation, not theoretical patterns` : "Describe the component relationships based on actual code dependencies, providing clear textual explanations of:
+- Subsystem organization and boundaries
+- Dependency directions and component interactions
+- Data flow and process sequences"}
+
+### 4. Core Architectural Components
+For each architectural component discovered in the codebase:
+
+- **Purpose and Responsibility**:
+  - Primary function within the architecture
+  - Business domains or technical concerns addressed
+  - Boundaries and scope limitations
+
+- **Internal Structure**:
+  - Organization of classes/modules within the component
+  - Key abstractions and their implementations
+  - Design patterns utilized
+
+- **Interaction Patterns**:
+  - How the component communicates with others
+  - Interfaces exposed and consumed
+  - Dependency injection patterns
+  - Event publishing/subscription mechanisms
+
+- **Evolution Patterns**:
+  - How the component can be extended
+  - Variation points and plugin mechanisms
+  - Configuration and customization approaches
+
+### 5. Architectural Layers and Dependencies
+- Map the layer structure as implemented in the codebase
+- Document the dependency rules between layers
+- Identify abstraction mechanisms that enable layer separation
+- Note any circular dependencies or layer violations
+- Document dependency injection patterns used to maintain separation
+
+### 6. Data Architecture
+- Document domain model structure and organization
+- Map entity relationships and aggregation patterns
+- Identify data access patterns (repositories, data mappers, etc.)
+- Document data transformation and mapping approaches
+- Note caching strategies and implementations
+- Document data validation patterns
+
+### 7. Cross-Cutting Concerns Implementation
+Document implementation patterns for cross-cutting concerns:
+
+- **Authentication & Authorization**:
+  - Security model implementation
+  - Permission enforcement patterns
+  - Identity management approach
+  - Security boundary patterns
+
+- **Error Handling & Resilience**:
+  - Exception handling patterns
+  - Retry and circuit breaker implementations
+  - Fallback and graceful degradation strategies
+  - Error reporting and monitoring approaches
+
+- **Logging & Monitoring**:
+  - Instrumentation patterns
+  - Observability implementation
+  - Diagnostic information flow
+  - Performance monitoring approach
+
+- **Validation**:
+  - Input validation strategies
+  - Business rule validation implementation
+  - Validation responsibility distribution
+  - Error reporting patterns
+
+- **Configuration Management**:
+  - Configuration source patterns
+  - Environment-specific configuration strategies
+  - Secret management approach
+  - Feature flag implementation
+
+### 8. Service Communication Patterns
+- Document service boundary definitions
+- Identify communication protocols and formats
+- Map synchronous vs. asynchronous communication patterns
+- Document API versioning strategies
+- Identify service discovery mechanisms
+- Note resilience patterns in service communication
+
+### 9. Technology-Specific Architectural Patterns
+${PROJECT_TYPE == "Auto-detect" ? "For each detected technology stack, document specific architectural patterns:" : `Document ${PROJECT_TYPE}-specific architectural patterns:`}
+
+${(PROJECT_TYPE == ".NET" || PROJECT_TYPE == "Auto-detect") ? 
+"#### .NET Architectural Patterns (if detected)
+- Host and application model implementation
+- Middleware pipeline organization
+- Framework service integration patterns
+- ORM and data access approaches
+- API implementation patterns (controllers, minimal APIs, etc.)
+- Dependency injection container configuration" : ""}
+
+${(PROJECT_TYPE == "Java" || PROJECT_TYPE == "Auto-detect") ? 
+"#### Java Architectural Patterns (if detected)
+- Application container and bootstrap process
+- Dependency injection framework usage (Spring, CDI, etc.)
+- AOP implementation patterns
+- Transaction boundary management
+- ORM configuration and usage patterns
+- Service implementation patterns" : ""}
+
+${(PROJECT_TYPE == "React" || PROJECT_TYPE == "Auto-detect") ? 
+"#### React Architectural Patterns (if detected)
+- Component composition and reuse strategies
+- State management architecture
+- Side effect handling patterns
+- Routing and navigation approach
+- Data fetching and caching patterns
+- Rendering optimization strategies" : ""}
+
+${(PROJECT_TYPE == "Angular" || PROJECT_TYPE == "Auto-detect") ? 
+"#### Angular Architectural Patterns (if detected)
+- Module organization strategy
+- Component hierarchy design
+- Service and dependency injection patterns
+- State management approach
+- Reactive programming patterns
+- Route guard implementation" : ""}
+
+${(PROJECT_TYPE == "Python" || PROJECT_TYPE == "Auto-detect") ? 
+"#### Python Architectural Patterns (if detected)
+- Module organization approach
+- Dependency management strategy
+- OOP vs. functional implementation patterns
+- Framework integration patterns
+- Asynchronous programming approach" : ""}
+
+### 10. Implementation Patterns
+${INCLUDES_IMPLEMENTATION_PATTERNS ? 
+"Document concrete implementation patterns for key architectural components:
+
+- **Interface Design Patterns**:
+  - Interface segregation approaches
+  - Abstraction level decisions
+  - Generic vs. specific interface patterns
+  - Default implementation patterns
+
+- **Service Implementation Patterns**:
+  - Service lifetime management
+  - Service composition patterns
+  - Operation implementation templates
+  - Error handling within services
+
+- **Repository Implementation Patterns**:
+  - Query pattern implementations
+  - Transaction management
+  - Concurrency handling
+  - Bulk operation patterns
+
+- **Controller/API Implementation Patterns**:
+  - Request handling patterns
+  - Response formatting approaches
+  - Parameter validation
+  - API versioning implementation
+
+- **Domain Model Implementation**:
+  - Entity implementation patterns
+  - Value object patterns
+  - Domain event implementation
+  - Business rule enforcement" : "Mention that detailed implementation patterns vary across the codebase."}
+
+### 11. Testing Architecture
+- Document testing strategies aligned with the architecture
+- Identify test boundary patterns (unit, integration, system)
+- Map test doubles and mocking approaches
+- Document test data strategies
+- Note testing tools and frameworks integration
+
+### 12. Deployment Architecture
+- Document deployment topology derived from configuration
+- Identify environment-specific architectural adaptations
+- Map runtime dependency resolution patterns
+- Document configuration management across environments
+- Identify containerization and orchestration approaches
+- Note cloud service integration patterns
+
+### 13. Extension and Evolution Patterns
+${FOCUS_ON_EXTENSIBILITY ? 
+"Provide detailed guidance for extending the architecture:
+
+- **Feature Addition Patterns**:
+  - How to add new features while preserving architectural integrity
+  - Where to place new components by type
+  - Dependency introduction guidelines
+  - Configuration extension patterns
+
+- **Modification Patterns**:
+  - How to safely modify existing components
+  - Strategies for maintaining backward compatibility
+  - Deprecation patterns
+  - Migration approaches
+
+- **Integration Patterns**:
+  - How to integrate new external systems
+  - Adapter implementation patterns
+  - Anti-corruption layer patterns
+  - Service facade implementation" : "Document key extension points in the architecture."}
+
+${INCLUDES_CODE_EXAMPLES ? 
+"### 14. Architectural Pattern Examples
+Extract representative code examples that illustrate key architectural patterns:
+
+- **Layer Separation Examples**:
+  - Interface definition and implementation separation
+  - Cross-layer communication patterns
+  - Dependency injection examples
+
+- **Component Communication Examples**:
+  - Service invocation patterns
+  - Event publication and handling
+  - Message passing implementation
+
+- **Extension Point Examples**:
+  - Plugin registration and discovery
+  - Extension interface implementations
+  - Configuration-driven extension patterns
+
+Include enough context with each example to show the pattern clearly, but keep examples concise and focused on architectural concepts." : ""}
+
+${INCLUDES_DECISION_RECORDS ? 
+"### 15. Architectural Decision Records
+Document key architectural decisions evident in the codebase:
+
+- **Architectural Style Decisions**:
+  - Why the current architectural pattern was chosen
+  - Alternatives considered (based on code evolution)
+  - Constraints that influenced the decision
+
+- **Technology Selection Decisions**:
+  - Key technology choices and their architectural impact
+  - Framework selection rationales
+  - Custom vs. off-the-shelf component decisions
+
+- **Implementation Approach Decisions**:
+  - Specific implementation patterns chosen
+  - Standard pattern adaptations
+  - Performance vs. maintainability tradeoffs
+
+For each decision, note:
+- Context that made the decision necessary
+- Factors considered in making the decision
+- Resulting consequences (positive and negative)
+- Future flexibility or limitations introduced" : ""}
+
+### ${INCLUDES_DECISION_RECORDS ? "16" : INCLUDES_CODE_EXAMPLES ? "15" : "14"}. Architecture Governance
+- Document how architectural consistency is maintained
+- Identify automated checks for architectural compliance
+- Note architectural review processes evident in the codebase
+- Document architectural documentation practices
+
+### ${INCLUDES_DECISION_RECORDS ? "17" : INCLUDES_CODE_EXAMPLES ? "16" : "15"}. Blueprint for New Development
+Create a clear architectural guide for implementing new features:
+
+- **Development Workflow**:
+  - Starting points for different feature types
+  - Component creation sequence
+  - Integration steps with existing architecture
+  - Testing approach by architectural layer
+
+- **Implementation Templates**:
+  - Base class/interface templates for key architectural components
+  - Standard file organization for new components
+  - Dependency declaration patterns
+  - Documentation requirements
+
+- **Common Pitfalls**:
+  - Architecture violations to avoid
+  - Common architectural mistakes
+  - Performance considerations
+  - Testing blind spots
+
+Include information about when this blueprint was generated and recommendations for keeping it updated as the architecture evolves."

package/assets/prompts/aspnet-minimal-api-openapi.prompt.md

@@ -0,0 +1,42 @@
+---
+mode: 'agent'
+tools: ['changes', 'search/codebase', 'edit/editFiles', 'problems']
+description: 'Create ASP.NET Minimal API endpoints with proper OpenAPI documentation'
+---
+
+# ASP.NET Minimal API with OpenAPI
+
+Your goal is to help me create well-structured ASP.NET Minimal API endpoints with correct types and comprehensive OpenAPI/Swagger documentation.
+
+## API Organization
+
+- Group related endpoints using `MapGroup()` extension
+- Use endpoint filters for cross-cutting concerns
+- Structure larger APIs with separate endpoint classes
+- Consider using a feature-based folder structure for complex APIs
+
+## Request and Response Types
+
+- Define explicit request and response DTOs/models
+- Create clear model classes with proper validation attributes
+- Use record types for immutable request/response objects
+- Use meaningful property names that align with API design standards
+- Apply `[Required]` and other validation attributes to enforce constraints
+- Use the ProblemDetailsService and StatusCodePages to get standard error responses
+
+## Type Handling
+
+- Use strongly-typed route parameters with explicit type binding
+- Use `Results<T1, T2>` to represent multiple response types
+- Return `TypedResults` instead of `Results` for strongly-typed responses
+- Leverage C# 10+ features like nullable annotations and init-only properties
+
+## OpenAPI Documentation
+
+- Use the built-in OpenAPI document support added in .NET 9
+- Define operation summary and description
+- Add operationIds using the `WithName` extension method
+- Add descriptions to properties and parameters with `[Description()]`
+- Set proper content types for requests and responses
+- Use document transformers to add elements like servers, tags, and security schemes
+- Use schema transformers to apply customizations to OpenAPI schemas