firetix/vibe-coding-penetration-tester — reverse-engineered prompt
Reverse engineered prompt
Build me a Python app called VibePenTester that acts like an AI-assisted penetration tester for web apps I own or have permission to test. I want both a simple command-line mode and a local web app where I can start a scan, watch progress, see activity logs, and open past reports. The scanner should use browser automation to actually interact with pages, coordinate a few specialized steps for discovery and vulnerability testing, and let me choose between OpenAI, Anthropic, or Ollama for the model.
Make it support scanning just one URL, a whole domain, or subdomains, and save results in both Markdown and JSON with a clear folder per run. The web side should expose basic API endpoints for starting scans, checking status, canceling, listing reports, and managing a session. If there is already support for hosted mode and billing hooks, keep that available but optional for local use.
Please wire up sensible defaults, env-based config, and include a clean local run flow. Look up current docs online if you need to.