diff --git a/src/psrt_ghsa_bot/app.py b/src/psrt_ghsa_bot/app.py
index d860e71..bef35cd 100644
--- a/src/psrt_ghsa_bot/app.py
+++ b/src/psrt_ghsa_bot/app.py
@@ -22,6 +22,15 @@
 
 PSRT_GITHUB_TEAM_ORG = "python"
 PSRT_GITHUB_TEAM_SLUG = "psrt"
+COMPLETION_TAGS = (
+    "CLOSE",
+    "CLOSED",
+    "COMPLETE",
+    "COMPLETED",
+    "NOTPLANNED",
+    "INVALID",
+    "DUPLICATE",
+)
 
 
 def load_psrt_members_from_devguide() -> set[str]:
@@ -148,10 +157,9 @@ def apply_to_repo(
 
         print(f"    📋 Processing {ghsa_id} (state: {state})")
 
-        # If the summary contains '[CLOSE]', '[CLOSED]', '[COMPLETE]',
-        # or '[COMPLETED]' then we can close the ticket.
+        # If the summary contains a completion tag then we can close the ticket.
         summary = security_advisory.get("summary", "")
-        if re.search(r"\[(?:CLOSED?|COMPLETED?)\]", summary.upper()) is not None:
+        if re.search(rf"\[(?:{'|'.join(COMPLETION_TAGS)})\]", summary.upper()) is not None:
             github.rest.security_advisories.update_repository_advisory(
                 owner=owner,
                 repo=repo,
diff --git a/tests/test_app.py b/tests/test_app.py
index 4c444fe..b77a300 100644
--- a/tests/test_app.py
+++ b/tests/test_app.py
@@ -205,9 +205,12 @@ def test_create_private_fork() -> None:
         "[COMPLETE] some boring security thing",
         "fix soemthing in datetime module [COMPLETED]",
         "blah blah [closed] lowercase blah",
+        "[NOTPLANNED] no fix planned",
+        "[INVALID] some annoying spam",
+        "[DUPLICATE] we've seen this one before",
     ],
 )
-def test_closes_advisory_with_close_or_complete_tag(summary) -> None:
+def test_closes_advisory_with_completion_tag(summary) -> None:
     security_advisory = _create_advisory_dict("triage", None, [], summary=summary)
 
     github = mock.Mock()