Currently, admins can set who can message and @mention a group and only choose from Everyone, Nobody, Only moderators and Admins and Only group members, moderators and admins.
I’d suggest adding trust levels to this list and/or a separate field to enter in group names manually. That way we can prevent abuse and also set some groups to still be private without giving e.g. staff moderator privileges.