feat: add --explain flag for LLM-powered vulnerability explanations

## Summary

Add an opt-in `--explain` flag that enriches scan findings with plain-English AI explanations, helping developers understand what a vulnerability does and whether they are at risk.

## Behaviour

- `cve-lite . --explain` — fetches explanations for all findings at or above `--min-severity` and renders them inline beneath each finding
- `cve-lite . --explain 2` — explains finding by index number
- `cve-lite . --explain CVE-2021-23337` — explains by CVE/OSV ID
- Explanations fetched in parallel, concurrency capped at 3
- `--explain` is mutually exclusive with `--offline`
- Config-driven: global `~/.cve-lite/config.json` and/or project `.cve-lite.json`
- No new npm dependencies — uses Node's built-in `fetch`

## New files

- `src/llm/config.ts` — config loader (global + project, project overrides global)
- `src/llm/client.ts` — thin HTTPS client for Claude API (retries on 429, timeout handling)
- `src/llm/explainer.ts` — prompt builder + concurrency-capped explainer

## Output

Terminal: `🤖` emoji prefix inline beneath each finding  
HTML report: expandable AI Explanation section  
JSON: `explanation: string | null` field per finding

## Config format

```json
{
  "llm": {
    "provider": "claude",
    "providers": {
      "claude": { "apiKey": "sk-ant-..." }
    }
  }
}
```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat: add --explain flag for LLM-powered vulnerability explanations #328

Summary

Behaviour

New files

Output

Config format

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

feat: add --explain flag for LLM-powered vulnerability explanations #328

Description

Summary

Behaviour

New files

Output

Config format

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions