DATA OPS

Open Linear Issues for Untagged PII Columns in BigQuery

Scans BigQuery columns flagged as sensitive but missing a Data Catalog policy tag, then files a Linear issue per owning team so the tagging gap gets fixed and tracked.

CategoryData Ops

Enginesim

Difficultyintermediate

Triggerschedule

Steps6

Setup~15 min

How it runs

The automated pipeline, trigger to output.

TriggerScheduled audit run
ActionQuery BigQuery columns vs policy tagsBigQuery
LogicGroup untagged PII columns by owning team
LogicDedupe against existing open Linear issues
ActionCreate Linear issue per teamLinear
OutputEmit run-complete summary

What it does

It finds columns in BigQuery that look like PII but have no policy tag applied, then turns each governance gap into a tracked Linear issue assigned to the dataset's owning team. Instead of a Slack message that scrolls away, every untagged sensitive column becomes an accountable, closeable ticket.

When to use it

Use it when your org enforces column-level access control through BigQuery policy tags and you need to guarantee that every sensitive column is actually tagged. It converts a passive audit finding into owned remediation work.

How it works

1A scheduled trigger starts the audit run.
2Query BigQuery `INFORMATION_SCHEMA.COLUMNS` joined against policy-tag metadata to list columns whose names match PII patterns but carry no tag.
3A logic step groups the untagged columns by dataset and resolves the owning team from a label or naming convention.
4For each group, deduplicate against existing open issues so reruns don't spam.
5Create one Linear issue per owning team listing the affected tables and columns with a remediation checklist.
6Emit a run-complete summary noting how many issues were opened or already existed.

Set it up

What you configure once, before turning it on.

1
Connect BigQueryDatasets, queries, schemas.
2
Connect LinearIssues, projects, cycles, triage.
3
Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
4
Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
5
Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More Data Ops workflows

Weekly BigQuery Cost Trend Sheet and Exec Digest

Compiles week-over-week BigQuery scheduled-query cost by owner and dataset into a Google Sheet with trend columns.

Daily BigQuery Scheduled-Query Cost Attribution to Owners

Each morning, totals the prior day's on-demand bytes-billed per scheduled query, maps each query to its owner from a label, and posts a per-owner cost leaderboard to Slack.

BigQuery Per-Team Budget Breach Alert to PagerDuty

Tracks month-to-date BigQuery scheduled-query spend per team and, when a team crosses its monthly budget, pages the team's on-call in PagerDuty and snapshots the spend breakdown…

dbt source freshness watcher with severity-routed alerts

Checks Snowflake loaded-at timestamps against each dbt source's freshness SLA, then routes warnings to Slack and hard breaches to a PagerDuty incident so stale data never…

dbt orphan model detector with Linear cleanup tickets

Scans your dbt manifest for models that no other model, exposure, or BI tool consumes.

Raw Sensor Telemetry Archive to BigQuery

Captures every incoming building sensor reading via webhook, normalizes the payload into a consistent schema.

Browse all Data Ops →

Run it inside a business

This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.

Software

Agent Hive runs Agent Hive

The team that built Agent Hive, exactly as it runs today.

Support

Customer Support Hub

Tier-1, tier-2, refunds, and escalations — same-hour.

Software

SaaS Operator (Pre-PMF)

Talk to users, ship features, kill what doesn't land.

Browse all business templates →Solutions by industry →

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the Waitlist Browse all workflows →