NorskHelsenett/prism — reverse-engineered prompt

Build me a simple but polished internal app called PRISM for managing penetration test findings. I want a web UI where people can sign in with OpenID Connect, land on a dashboard, create and browse projects, and track vulnerabilities found during assessments. Each finding should have a details page with status, severity, ownership, notes, and enough info to support reporting and follow up. Regular users should be able to work with projects and findings, and admins should have elevated access.

Please make it a SvelteKit frontend with a Go API, using SQLite for storage, and support both GraphQL and REST like the original idea. It should be configurable from a YAML file, including OIDC providers, CORS, admin users, database path, secrets, and optional Slack settings. For local development, make it easy to run with a mock OIDC provider and include test users so I can log in right away.

If possible, also make it easy to run in a container and deploy to Kubernetes with Helm. Look up current docs online if you need to.