diff --git a/extensions/zalouser/src/security-audit.test.ts b/extensions/zalouser/src/security-audit.test.ts
index 8353d9818a1..351bbe64645 100644
--- a/extensions/zalouser/src/security-audit.test.ts
+++ b/extensions/zalouser/src/security-audit.test.ts
@@ -17,9 +17,10 @@ describe("Zalouser security audit findings", () => {
 name: string;
 config: ZalouserAccountConfig;
 expectedSeverity: "info" | "warn";
+ expectedTitle: string;
+ expectedRemediation: string;
 detailIncludes: string[];
 detailExcludes?: string[];
- expectFindingMatch?: { checkId: string; severity: "info" | "warn" };
 }> = [
 {
 name: "warns when group routing contains mutable group entries",
@@ -31,6 +32,9 @@ describe("Zalouser security audit findings", () => {
 },
 } satisfies ZalouserAccountConfig,
 expectedSeverity: "warn",
+ expectedTitle: "Zalouser group routing contains mutable group entries",
+ expectedRemediation:
+ "Prefer stable Zalo group IDs in channels.zalouser.groups, or explicitly opt in with dangerouslyAllowNameMatching=true if you accept mutable group-name matching.",
 detailIncludes: ["channels.zalouser.groups:Ops Room"],
 detailExcludes: ["group:g-123"],
 },
@@ -44,11 +48,10 @@ describe("Zalouser security audit findings", () => {
 },
 } satisfies ZalouserAccountConfig,
 expectedSeverity: "info",
+ expectedTitle: "Zalouser group routing uses break-glass name matching",
+ expectedRemediation:
+ "Prefer stable Zalo group IDs (for example group: or provider-native g- ids), then disable dangerouslyAllowNameMatching.",
 detailIncludes: ["out-of-scope"],
- expectFindingMatch: {
- checkId: "channels.zalouser.groups.mutable_entries",
- severity: "info",
- },
 },
 ];
 
@@ -66,17 +69,15 @@ describe("Zalouser security audit findings", () => {
 if (!finding) {
 throw new Error("expected mutable Zalo User group finding");
 }
+ expect(finding.checkId).toBe("channels.zalouser.groups.mutable_entries");
 expect(finding.severity).toBe(testCase.expectedSeverity);
+ expect(finding.title).toBe(testCase.expectedTitle);
+ expect(finding.remediation).toBe(testCase.expectedRemediation);
 for (const snippet of testCase.detailIncludes) {
 expect(finding.detail).toContain(snippet);
 }
 for (const snippet of testCase.detailExcludes ?? []) {
 expect(finding.detail).not.toContain(snippet);
 }
- if (testCase.expectFindingMatch) {
- expect(findings).toEqual(
- expect.arrayContaining([expect.objectContaining(testCase.expectFindingMatch)]),
- );
- }
 });
 });
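Review bot: The new assertions pin the one `finding` that was selected, but after removing the `expectFindingMatch` block nothing checks how many findings carry this checkId, so the break-glass "info" case would still pass if the audit emitted both the "warn" and the "info" variant for the same config, or if the severity were only downgraded on one of two duplicates. Since both table rows share `channels.zalouser.groups.mutable_entries`, the audit presumably intends exactly one finding per account; adding `expect(findings.filter((f) => f.checkId === "channels.zalouser.groups.mutable_entries")).toHaveLength(1);` next to the new `expect(finding.checkId)` line would catch a double report. How `finding` is chosen happens above the hunk; if it is already looked up by checkId there, the added checkId assertion is tautological and the count check is the one that adds coverage. The enclosing `it` callback and the `describe` block both begin before this hunk.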