Slack integration
Pencheff posts a summary message to a Slack channel via a standard Incoming Webhook. The message includes a severity breakdown and the top 5 findings ranked by CVSS (with EPSS + KEV annotations when available).
Setup
- In Slack, go to Apps → Incoming Webhooks → Add to Slack.
- Pick a channel, copy the webhook URL (
https://hooks.slack.com/…). - In Pencheff: Dashboard → Integrations → Connect → Slack. Paste the URL, set severity filter, save.
Via API
POST /integrations
Content-Type: application/json
{
"kind": "slack",
"name": "#security-critical",
"severity_filter": "high",
"config": { "webhook_url": "https://hooks.slack.com/services/XXX/YYY/ZZZ" }
}Via MCP
export_to_slack(
session_id=sid,
webhook_url="https://hooks.slack.com/services/...",
severity_filter="high"
)What the message looks like
*Pencheff scan update* — 2 critical • 5 high • 12 medium
──────────────
*[CRITICAL] SQL Injection — /api/users?id=FUZZ*
`https://example.com/api/users` — CVSS 9.8 — A03
Time-based blind SQLi confirmed via `UNION SELECT SLEEP(5)`. Database
fingerprinted as PostgreSQL 15.2. `pg_dump` of 3 tables exfiltrated
in the PoC.
*[CRITICAL] SSRF → AWS IMDS*
...