2026-01-13 · Authensor

How to Send AI Agent Safety Alerts to Slack

SafeClaw by Authensor can send real-time AI agent safety alerts directly to your Slack channels. When an agent action is denied, prompted, or fails an audit integrity check, SafeClaw fires a notification so your team stays informed. SafeClaw supports both Claude and OpenAI agents, ships with 446 tests, and uses hash-chained audit logs for tamper-evident records.

Prerequisites

Step 1: Create a Slack Incoming Webhook

  1. Go to https://api.slack.com/apps and create a new app (or select an existing one).
  2. Under Incoming Webhooks, toggle the feature on.
  3. Click Add New Webhook to Workspace and select your target channel (e.g., #ai-agent-alerts).
  4. Copy the webhook URL. It looks like: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX

Step 2: Configure SafeClaw Notifications

Add the Slack webhook to your .safeclaw/policy.yaml:

version: 1
default: deny


notifications:
  slack:
    webhook_url: "${SLACK_WEBHOOK_URL}"
    channel: "#ai-agent-alerts"
    events:
      - action.denied
      - action.prompted
      - audit.integrity_failure
      - policy.violation
    format: rich



rules:
  - action: file.read
    paths:
      - "src/**"
    decision: allow



- action: file.write
    paths:
      - "src/**"
    decision: prompt



- action: shell.execute
    decision: deny

Use an environment variable for the webhook URL to avoid committing secrets. Set it in your shell:

export SLACK_WEBHOOK_URL="https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"

Step 3: Configure Rich Message Formatting

SafeClaw sends structured Slack messages with Block Kit formatting. The rich format includes:

Example of the JSON payload SafeClaw sends: 
{
  "blocks": [
    {
      "type": "header",
      "text": {
        "type": "plain_text",
        "text": "SafeClaw: Action Denied"
      }
    },
    {
      "type": "section",
      "fields": [
        { "type": "mrkdwn", "text": "Action: shell.execute" },
        { "type": "mrkdwn", "text": "Decision: Denied" },
        { "type": "mrkdwn", "text": "Target: rm -rf /tmp/data" },
        { "type": "mrkdwn", "text": "Agent: claude-3.5-sonnet" },
        { "type": "mrkdwn", "text": "Time: 2026-02-13 14:32:01 UTC" },
        { "type": "mrkdwn", "text": "Hash: a3f2...b71c" }
      ]
    }
  ]
}

Step 4: Filter Alert Severity

To avoid notification fatigue, configure severity-based filtering:

notifications:
  slack:
    webhook_url: "${SLACK_WEBHOOK_URL}"
    events:
      - action.denied
      - audit.integrity_failure
    min_severity: high
    throttle:
      max_per_minute: 10
      cooldown_seconds: 30

This sends only high-severity events (denials and integrity failures) and throttles notifications to a maximum of 10 per minute with a 30-second cooldown between identical alerts.

Step 5: Add a Daily Audit Summary

Configure SafeClaw to post a daily summary to Slack:

notifications:
  slack:
    webhook_url: "${SLACK_WEBHOOK_URL}"
    summary:
      schedule: "0 9   *"
      include:
        - total_actions
        - denied_count
        - prompted_count
        - allowed_count
        - audit_chain_status

This posts a summary every day at 9 AM with aggregate counts of all agent actions and the current audit chain health.

Step 6: Test the Integration

Trigger a denied action and verify the Slack notification:

npx @authensor/safeclaw test-notify --channel slack

You should see a message appear in your #ai-agent-alerts channel within seconds.

Summary

SafeClaw integrates with Slack to deliver real-time AI agent safety alerts. Rich Block Kit messages provide full context for every denied or prompted action. Severity filtering and throttling prevent notification fatigue. Daily summaries keep your team informed of overall agent behavior. SafeClaw is MIT licensed and open source.

Related Guides

Try SafeClaw

Action-level gating for AI agents. Set it up in your browser in 60 seconds.

$ npx @authensor/safeclaw