SharePoint SLK and T-SQL xp_cmdshell safety

I am looking into a TSQL command called "xp_cmdshell" to use to monitor a change to a the SLK (SharePoint Learning Kit) database and then execute a batch or PowerShell script that will trigger some events that I need. (It is bad practice to modify SharePoint's database directly, so I will be using its API)

I have been reading on various blogs and MSDN that there are some security concerns with this approach. T开发者_如何转开发he sites suggest that you limit security so the command can be executed by only a specific user role.

What other tips/suggestions would you recommend with using "xp_cmdshell"?

Or should I go about this another way and create a script or console application that constantly checks if a change has been made?

I am running Server 2008 with SQL 2008.

Why don't you create a CLR SP using C# and have that take care of your calls to the API and any other external processes from within it. That would be much safer and easier to manage because then you only need to grant execute access to the CLR SP.