Notifications & Escalations

Once Slack is connected, you can control where Nullify's agent sends its messages — directly to the engineer who owns a finding, to a shared channel, or both.

What an escalation is

An escalation is a high-priority nudge the agent sends when a security finding needs developer action — for example, a fix PR is open but unreviewed, a fix is blocked, or a secret needs rotating.

Each escalation is a structured message containing:

  • A greeting and the finding's facts (the repository, plus the affected file, package, CVE, or secret type).

  • A status line describing why it needs attention.

  • The risk and the SLA for resolving it.

  • A link to the finding in the Nullify dashboard.

  • A reaction legend so engineers can triage from Slack:

    • ✅ triaged

    • 👀 in-progress

    • 🚫 false-positive

    • ❌ wontfix

Engineers can also reply in-thread to discuss or ask the agent for more context.

The agent's regular channel messages and campaign nudges are informational updates and follow the same channel configuration described below.

Where to configure it

Go to Configure → Connectors → Slack → Escalations in the dashboard.

This is a single, org-wide policy — it applies to every escalation Nullify sends. If you don't configure anything, escalations default to Direct message, so existing behavior is preserved.

Delivery modes

Choose one of:

  • Direct message — DM the engineer who owns the finding. (Default.)

  • Channel — post escalations to a Slack channel you choose.

  • Both — DM the owner and post to the channel.

Setting the channel

For Channel or Both modes, enter the destination Slack channel ID (for example, C0123456789). You can copy a channel's ID from Slack under the channel's View channel details menu.

The same channel is also used for the agent's regular channel messages.
