rohitcoder · 0xPb1 · Jul 18, 2025
diff --git a/connection.yml.sample b/connection.yml.sample
@@ -3,6 +3,7 @@ notify:
   suppress_duplicates: True
   slack:
     webhook_url: https://hooks.slack.com/services/T0XXXXXXXXXXX/BXXXXXXXX/1CIyXXXXXXXXXXXXXXX
+    mention: "<@U013BDEFABC>"
   jira:
     username: "amce@org.com"
     server_url: "https://amce.atlassian.net"

diff --git a/hawk_scanner/main.py b/hawk_scanner/main.py
@@ -47,7 +47,7 @@ def group_results(args, results):
     return grouped_results
 
 
-def format_slack_message(group, result, records_mini):
+def format_slack_message(group, result, records_mini, mention):
     template_map = {
         's3': """
         *** PII Or Secret Found ***
@@ -171,7 +171,7 @@ def format_slack_message(group, result, records_mini):
         Exposed Values: {exposed_values}
         """
     }
-    return template_map.get(group, "").format(
+    return f"{mention} " + template_map.get(group, "").format(
         vulnerable_profile=result['profile'],
         bucket=result.get('bucket', ''),
         file_path=result.get('file_path', ''),
@@ -258,7 +258,9 @@ def main():
         add_columns_to_table(group, table)
         for i, result in enumerate(group_data, 1):
             records_mini = ', '.join(result['matches']) if len(result['matches']) < 25 else ', '.join(result['matches'][:25]) + f" + {len(result['matches']) - 25} more"
-            slack_message = format_slack_message(group, result, records_mini)
+            connection = system.get_connection(args)
+            mention = connection.get('notify', {}).get('slack', {}).get('mention', '')
+            slack_message = format_slack_message(group, result, records_mini, mention)
             if slack_message:
                 system.create_jira_ticket(args, result, slack_message)
                 system.SlackNotify(slack_message, args)

diff --git a/readme.md b/readme.md
@@ -387,6 +387,29 @@ sources:
 ```
 
 You can add or remove profiles from the connection.yml file as needed. You can also configure only one or two data sources if you don't need to scan all of them.
+
+## Slack Bot Mentions and Workflow Integration
+
+Hawk-eye now supports customizable Slack mentions in alert messages, allowing you to trigger internal Slack bot workflows (such as archiving the channel, etc) automatically.
+
+### How to Configure Slack Mentions
+
+In your `connection.yml`, under the `notify.slack` section, add a `mention` key. This value should be the Slack user ID of your bot in the format `<@USERID>`. Using the display name (e.g., `@DataScanBot`) will not trigger a real mention—Slack requires the user ID format.
+
+**Example:**
+```yaml
+notify:
+  slack:
+    webhook_url: https://hooks.slack.com/services/...
+    mention: "<@U12345678>"  # Replace with your bot's actual user ID
+```
+
+When Hawk-eye sends a Slack alert, the message will begin with this mention, ensuring your bot is properly notified and any associated workflows are triggered.
+
+**Tip:** To find your bot's user ID, click on the bot's profile in Slack and look for the ID in the URL (e.g., `/team/U12345678`).
+
+```
+
 </div>
 
 ## Adding New Commands

diff --git a/setup.py b/setup.py
@@ -1,4 +1,4 @@
-VERSION = "0.3.38"
+VERSION = "0.3.39"
 
 from setuptools import setup, find_packages