DATA OPS

Pre-Scan Migration PRs for PII Columns Before Merge

On every pull request touching SQL migration files, parses added columns, classifies them for PII, and posts a blocking review comment requiring a tagging plan before merge.

CategoryData Ops

Enginesim

Difficultyadvanced

Triggerwebhook

Steps5

Setup~25 min

How it runs

The automated pipeline, trigger to output.

TriggerGitHub PR opened on migration filesGitHub
ActionFetch PR diff and parse new columnsGitHub
ActionClassify columns for PII with OpenAIOpenAI
LogicBranch on unclassified high-confidence PII
OutputPost review comment on GitHub PRGitHub

What it does

When a pull request adds or modifies database migration files, this workflow extracts the columns being created, classifies each one for likely PII, and writes a review comment back on the PR. If high-confidence PII columns are introduced without a documented classification, it flags the PR so the author addresses governance before the change ever reaches the warehouse.

When to use it

Use it to shift PII review left — catching sensitive columns at code review instead of after they ship to Snowflake or BigQuery. It's ideal for teams that want governance enforced in the same place engineers already work.

How it works

1A GitHub pull-request webhook triggers on PRs that touch migration paths.
2Fetch the PR diff and parse `ADD COLUMN` / `CREATE TABLE` statements to extract new column names and types.
3An OpenAI classifier scores each column for PII type and confidence.
4A logic branch decides: clean PRs get an approving note, PRs with unclassified high-confidence PII get flagged.
5Post the findings as a structured review comment listing each flagged column and the required next step back on the GitHub PR.

Set it up

What you configure once, before turning it on.

1
Connect GitHubRepos, issues, pull requests, actions.
2
Connect OpenAIModels, embeddings, files.
3
Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
4
Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
5
Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More Data Ops workflows

Weekly BigQuery Cost Trend Sheet and Exec Digest

Compiles week-over-week BigQuery scheduled-query cost by owner and dataset into a Google Sheet with trend columns.

Daily BigQuery Scheduled-Query Cost Attribution to Owners

Each morning, totals the prior day's on-demand bytes-billed per scheduled query, maps each query to its owner from a label, and posts a per-owner cost leaderboard to Slack.

BigQuery Per-Team Budget Breach Alert to PagerDuty

Tracks month-to-date BigQuery scheduled-query spend per team and, when a team crosses its monthly budget, pages the team's on-call in PagerDuty and snapshots the spend breakdown…

dbt source freshness watcher with severity-routed alerts

Checks Snowflake loaded-at timestamps against each dbt source's freshness SLA, then routes warnings to Slack and hard breaches to a PagerDuty incident so stale data never…

dbt orphan model detector with Linear cleanup tickets

Scans your dbt manifest for models that no other model, exposure, or BI tool consumes.

Raw Sensor Telemetry Archive to BigQuery

Captures every incoming building sensor reading via webhook, normalizes the payload into a consistent schema.

Browse all Data Ops →

Run it inside a business

This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.

Software

Agent Hive runs Agent Hive

The team that built Agent Hive, exactly as it runs today.

Marketing

Content Marketing Agency

SEO, blogs, social, and reporting on autopilot.

Operations

Internal Operations

Runbooks, on-call, vendor management — disciplined and audited.

Browse all business templates →Solutions by industry →

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the Waitlist Browse all workflows →