[FEATURE] Add notification channels for high-risk findings

[utksh1]

Problem

SecuScan needs a production-grade improvement in this area: Alerting workflow..

Scope

Add configurable notification rules for high/critical findings via webhook/email placeholder interface, with dedupe and delivery history.

Acceptance Criteria

• The implementation is focused and does not introduce unrelated UI, docs, lockfile, or formatting churn.
• Security-sensitive behavior has explicit negative tests where applicable.
• Existing tests continue to pass, and new tests cover the main success and failure paths.
• Documentation or configuration examples are updated when operator behavior changes.

Verification

Tests should cover rule matching, dedupe, failed delivery, and redaction of sensitive finding data.

Difficulty

Hard, useful issue intended for experienced contributors.

[Shikhar-404exe]

Hi ,

I reviewed this issue and the related files. I have experience in this field of work.

I’d like to work on this issue and can start immediately. My plan is to:

reproduce the issue locally
trace the affected components
implement and test the fix carefully

Please add suitable labels and /assign this issue to me under gssoc26 if it's available.
Thank you!

[YerraguntaAjayKumar]

Hi @utksh1, I am a GSSoC '26 contributor and would love to implement these alert notification channels!

Here is my target implementation plan:

1. Backend: Build a robust, schema-validated webhook/email dispatch service layer handling critical/high rule matching, complete with a delivery history state and an in-memory or DB-backed deduplication mechanism.
2. Security: Ensure strict redaction of sensitive finding payloads prior to delivery, accompanied by explicit negative unit tests for failed deliveries and invalid payloads.
3. Frontend: Build a clean React configuration UI to let operators manage these rules seamlessly without adding formatting or lockfile churn.

If this plan sounds good, please assign this issue to me!

[YerraguntaAjayKumar]

Thank you for the assignment, @utksh1! I'm setting up the repository locally right now and will get started on the implementation following the checklist. I'll open a draft PR as soon as the initial backend architecture is ready.