asclepius dummy app

This app is intentionally vulnerable. It exists so the asclepius scanner can find issues in dev and the red-team agent can exploit them in uat.

• /search?q=al — SQL injection
• /greet?name=<script> — reflected XSS
• /users/1 — IDOR
• /login — default creds