4osp3l/0xJS — reverse-engineered prompt

Build me a simple AI powered JavaScript security scanner called 0xJS. I want to be able to run it from the command line, add my Gemini API key once, then scan either a single JavaScript file URL or a text file full of URLs. The tool should have clear modes for finding sensitive data in JS, pulling out endpoints and URLs, checking for likely security issues, and saving the API key in a local env file.

Please make the output easy to read and useful for someone doing authorized security testing. If a Discord webhook is configured in a local webhook file, send the scan results or notifications there too. Include a small helper for very large JS files so they can be split before scanning, since big files may hit size limits.

Keep setup straightforward with Python, environment loading, and simple dependency install instructions. Add basic help text and examples so I can run it right away. Also include a clear reminder that it should only be used on systems I have permission to test.