Weekly RudderStack governance audit in Slack

Every Monday morning, get a risk-ranked review of your RudderStack transformations posted straight to your data-governance Slack channel.

Agentic Task
Tags: RudderStack, Slack Bot, Engineering, Operations, Daily Digests, Notifications & Alerts, AI Reports

Build me an agent workflow that runs a weekly governance audit of all my RudderStack transformations and posts a risk-ranked digest to Slack.

Trigger: cron, every Monday at 9:00am America/New_York.

Integrations: rudderstack and slackbot. Use the slackbot integration (not the user slack one) so the digest is posted by a bot identity and survives team changes.

What the agent should do on each run:

1. Call List Transformations on RudderStack to get every published transformation in the workspace. The response already includes the destinations connected to each transformation; keep that list, because it is the blast-radius signal used in check (d).

2. For each transformation, call Get Transformation to pull the latest published code, and List Transformation Versions to see the revision history so it can compute how long the transformation has been untouched (use the most recent revision's createdAt).

3. Evaluate each transformation against four concrete checks:

(a) PII exposure. Does the code read any of email, phone, ip, raw user_id, traits.*, or context.ip and pass them downstream without hashing, masking, redacting, or stripping? If yes, flag which field and where.

(b) Error handling. Does the code wrap risky operations (JSON.parse, network calls, property access on possibly-undefined nested objects) in try/catch or guards, or does it let exceptions bubble up and drop the event silently? Flag missing handling around specific risky lines.

(c) Staleness. Is the most recent revision 90 or more days old? If yes, include the age in days.

(d) Destination blast radius. How many destinations is this transformation connected to (count the destinations array from the List Transformations response)? Higher count = higher impact if the transformation misbehaves.

4. Rank transformations by concrete findings, not an invented severity score. A transformation that leaks PII into many destinations outranks one with only a stale revision. Order: PII findings first (more destinations breaks ties), then missing error handling on high-fan-out transformations, then staleness.

5. Post a single Slack message via Send a Message on the slackbot integration to the configured channel (default #data-governance, make it a setup field). Format the message with Slack mrkdwn (single asterisks for bold, not double). Shape it as a ranked list, worst offenders on top. For each transformation include: the transformation name, the specific issue in one short sentence, the connected-destination count, and a one-line suggested fix (e.g. "hash email with sha256 before forwarding", "wrap JSON.parse in try/catch and return event unchanged on failure", "review and re-publish; last revision 142 days old"). Keep the message under 40 lines; if there are more findings, truncate and add a final line like "+12 more findings, expand the audit window to see them."

Important: this workflow is read-only. Do not call Update Transformation, Create Transformation, or Delete Transformation. No code in RudderStack is ever modified by this workflow.

Setup fields the user should configure once: the Slack channel to post to, the staleness threshold in days (default 90), and an optional list of additional field paths to treat as PII beyond the defaults.
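The checks (a) to (d) and the ranking order above, worked through as an added JavaScript example that is not the workflow's own code: the PII field patterns, the "protected" and "risky" heuristics, and the sample transformations are all constructed here, and the audit is deliberately coarse (it looks for any hashing or masking anywhere in the code rather than tracing each field).

```javascript
// Added example, not the workflow's own code: heuristic auditor implementing checks (a)-(d)
// and the ranking order above; field patterns and sample transformations are constructed.
const PII_PATTERNS = { email: /\bemail\b/, phone: /\bphone\b/, ip: /\bip\b/,
  user_id: /\buser_id\b/, "traits.*": /\btraits\./, "context.ip": /\bcontext\.ip\b/ };
const PROTECTED = /sha256|hash|mask|redact|strip/i;     // any protection anywhere in the code
const RISKY = /\bJSON\.parse\b|\bfetch\s*\(|\bawait\b/;  // calls that can throw and drop the event
const DAY_MS = 86_400_000;
// One record per transformation: name, destination count (blast radius), findings.
function auditTransformation(t, now, staleDays = 90) {
  const pii = Object.keys(PII_PATTERNS).filter(k => PII_PATTERNS[k].test(t.code));
  const findings = [];
  // (a) PII read but no hashing/masking/redaction anywhere in the code (coarse heuristic)
  if (pii.length && !PROTECTED.test(t.code))
    findings.push({ kind: "pii", detail: `forwards ${pii.join(", ")} unprotected` });
  // (b) a throwing call with no try block anywhere
  if (RISKY.test(t.code) && !/\btry\s*\{/.test(t.code))
    findings.push({ kind: "errors", detail: "risky call without try/catch" });
  // (c) staleness measured from the most recent revision's createdAt
  const age = Math.floor((now - Date.parse(t.lastRevisionAt)) / DAY_MS);
  if (age >= staleDays) findings.push({ kind: "stale", detail: `last revision ${age} days old` });
  return { name: t.name, destinations: t.destinations.length, findings };
}
// Ranking: PII first, then missing error handling, then staleness; more destinations breaks ties (d).
function rankAudits(audits) {
  const weight = a => a.findings.some(f => f.kind === "pii") ? 3
    : a.findings.some(f => f.kind === "errors") ? 2 : a.findings.length ? 1 : 0;
  return audits.filter(a => weight(a) > 0)
    .sort((x, y) => weight(y) - weight(x) || y.destinations - x.destinations);
}
// Slack mrkdwn digest (single-asterisk bold), truncated to maxLines lines.
function formatDigest(ranked, maxLines = 40) {
  const lines = ranked.map((a, i) => `${i + 1}. *${a.name}* (${a.destinations} destinations): `
    + a.findings.map(f => f.detail).join("; "));
  if (lines.length <= maxLines) return lines.join("\n");
  return [...lines.slice(0, maxLines - 1),
    `+${lines.length - maxLines + 1} more findings, expand the audit window to see them.`].join("\n");
}
// Constructed sample workspace and a fixed "now" so the output is reproducible.
const NOW = Date.parse("2024-06-03T13:00:00Z");
const SAMPLE = [
  { name: "enrich-profile", destinations: ["d1", "d2", "d3", "d4"], lastRevisionAt: "2024-05-20T00:00:00Z",
    code: "export function transformEvent(e) { e.properties.contact = e.context.traits.email; return e; }" },
  { name: "parse-payload", destinations: ["d1", "d2"], lastRevisionAt: "2024-06-01T00:00:00Z",
    code: "export function transformEvent(e) { e.properties.parsed = JSON.parse(e.properties.raw); return e; }" },
  { name: "hash-email", destinations: ["d1"], lastRevisionAt: "2024-01-10T00:00:00Z",
    code: "export function transformEvent(e) { e.context.traits.email = sha256(e.context.traits.email); return e; }" },
];
const runAudit = (ts = SAMPLE, now = NOW) => rankAudits(ts.map(t => auditTransformation(t, now)));
```

Running `formatDigest(runAudit())` yields the three-line ranked digest; a real agent would feed the List Transformations / Get Transformation / List Transformation Versions responses into the same shape instead of `SAMPLE`.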

Additional information

What does this prompt do?
  • Reviews every RudderStack transformation in your workspace once a week and ranks the riskiest ones first.
  • Flags transformations that pass personal data like email, phone, IP, or raw user IDs downstream without masking, hashing, or stripping.
  • Calls out missing error handling and transformations that have not been updated in 90 or more days.
  • Highlights blast radius by showing how many destinations each transformation feeds, so a risky change near the top of the list is impossible to miss.
  • Posts a single clean digest to a Slack channel you choose, with the transformation name, the issue, and a one-line suggested fix for each finding.
What do I need to use this?
  • A RudderStack account with permission to read transformations.
  • A Slack workspace and the channel you want the weekly digest posted to.
  • An idea of what counts as personal data at your company, so the agent flags the right fields. Defaults cover the common ones.
How can I customize it?
  • Change the schedule. Monday at 9am Eastern is the default, but you can pick any day, time, or cadence.
  • Pick a different Slack channel, or send the digest as a direct message instead.
  • Tune what counts as risky. Adjust the personal-data fields, the staleness threshold, or the destinations you care most about.

Frequently asked questions

Does this workflow change any of my RudderStack code?
No. It only reads your transformations and posts a summary to Slack. Nothing is edited, published, or deleted.
What kinds of issues does it look for?
Personal data being forwarded downstream without protection, missing error handling, transformations that have not been touched in 90 or more days, and how many destinations each transformation feeds.
How are findings ranked?
By concrete signals from your workspace, not a made-up score. A transformation that leaks personal data into many destinations ranks above one with a single stale revision.
Can I send it somewhere other than Slack?
Yes. The default is a Slack channel post, but you can change the destination during setup, including a direct message or a different channel per environment.
What if I have hundreds of transformations?
The agent walks through each one in turn. The digest stays focused on the top offenders so the Slack message is short and easy to act on.

Stop hoping your data pipelines are still safe.

Connect RudderStack and Slack once, and get a ranked governance review every Monday morning without lifting a finger.