alihasmat/medibot — reverse-engineered prompt

Build me an internal hospital assistant called MediBot. I want a simple web app where staff can sign in with demo accounts, see their role, and ask questions in plain English across hospital PDFs and, for billing and admin only, the billing database. The big thing is security. Access rules need to be enforced in retrieval itself so a nurse can never get billing or clinical content they should not see, even if they try prompt tricks. Answers should feel helpful, include citations or source references, and clearly say when something is blocked by permissions. Use the sample collections like general, clinical, nursing, billing, and equipment, plus the MediAssist database. Please wire up the backend and frontend so it runs locally with a login screen, chat page, and the one click demo users from the README. If anything is unclear, check current docs online and make sensible choices.