Slack integration

Route Penaxtra finding notifications, scan completions, and runtime gateway block events to Slack channels. The integration uses Slack's incoming webhook + Slack app pattern so per-channel routing stays in Slack's permission model, not Penaxtra's.

Install the Slack app

  1. In Penaxtra, go to Integrations → Slack → Install.
  2. Click Authorize; the OAuth flow lands you back on Penaxtra with the workspace bound to your Slack tenant.
  3. Pick a default channel for new findings and (optionally) a separate channel for runtime gateway events.

Per-rule routing

For finer control, create a route under Integrations → Slack → Routes → New:

  • Match: severity >= high, framework_refs contains EU_AI_ACT_*
  • Action: post to #ai-security-eu-aiact

Multiple routes evaluate in order; the first matching route fires. A finding never produces more than one Slack post.

Notification format

:rotating_light: *High* finding on `Production customer chatbot`
*Probe:* `rag_indirect_v2`
*Frameworks:* OWASP_LLM01, MITRE_ATLAS_AML_T0051, EU_AI_ACT_Art15
*Discovered:* 2026-05-22 10:24 UTC

> ... redacted excerpt ...

<https://penaxtra.com/app/findings/fnd_2026_xxxxxx|Open in Penaxtra>

Acknowledge from Slack

The Slack post includes three message-action buttons:

  • Triage - moves the finding to triaged
  • Mark resolved - moves to resolved
  • Mark false positive - moves to false_positive

Each click is signed by Slack and verified by Penaxtra against the per-workspace signing secret.

Common errors

| Symptom | Cause | Fix |
|---|---|---|
| No posts arriving | App revoked in Slack | Reinstall the app via Integrations → Slack |
| Posts to wrong channel | Route ordering | Adjust route precedence or default channel |
| Button click does nothing | Signature verification failed | Slack rotation may have occurred; reinstall the app |

Security notes

  • Slack OAuth refresh tokens are sealed-box encrypted at rest.
  • The Slack request signature is verified using v0:<timestamp>:<body> HMAC with constant-time compare.
  • Message payloads do NOT include raw prompts; only the redacted excerpt already on the finding record.
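
The v0:<timestamp>:<body> check described above can be sketched as follows. This is an added example, not Penaxtra's own code: it assumes Slack's standard v0 scheme (HMAC-SHA256, X-Slack-Request-Timestamp and X-Slack-Signature headers), and the function names, the five-minute replay window and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import time
from typing import Optional

MAX_SKEW_SECONDS = 300  # assumed replay window of five minutes


def slack_signature(signing_secret: bytes, timestamp: str, body: bytes) -> str:
    """Compute the v0 signature over the raw, unparsed request body."""
    basestring = b"v0:" + timestamp.encode("ascii") + b":" + body
    return "v0=" + hmac.new(signing_secret, basestring, hashlib.sha256).hexdigest()


def verify_slack_request(signing_secret: bytes, timestamp: str, body: bytes,
                         signature: str, now: Optional[float] = None) -> bool:
    """True only for a fresh request whose signature matches.

    timestamp: X-Slack-Request-Timestamp header value
    signature: X-Slack-Signature header value
    """
    # Reject anything that is not a plain decimal timestamp before using it.
    if not (timestamp.isascii() and timestamp.isdigit()):
        return False
    now = time.time() if now is None else now
    # A valid signature on an old request is still a replay.
    if abs(now - int(timestamp)) > MAX_SKEW_SECONDS:
        return False
    expected = slack_signature(signing_secret, timestamp, body)
    # compare_digest runs in time independent of where the strings differ.
    return hmac.compare_digest(expected.encode(), signature.encode())


if __name__ == "__main__":
    # Constructed sample values, not real credentials or traffic.
    secret = b"constructed-signing-secret"
    ts = "1700000000"
    body = b"payload=%7B%22type%22%3A%22block_actions%22%7D"
    sig = slack_signature(secret, ts, body)
    print("valid:", verify_slack_request(secret, ts, body, sig, now=1700000030))
    print("tampered body:", verify_slack_request(secret, ts, body + b"&x=1", sig, now=1700000030))
    print("replayed later:", verify_slack_request(secret, ts, body, sig, now=1700003600))
```

The signature must be computed over the request bytes exactly as received; verifying after form-decoding or JSON re-serialization changes the bytes and makes valid requests fail.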

Last reviewed: 2026-06-13. Reviewed by: Engineering. Content type: Developer documentation. Reach the maintainers: [email protected].