snowflake-platform

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The snowflake-deploy companion agent executes standard Snowflake CLI commands to automate Native App deployment workflows. This is a functional requirement for the skill's specialist agent role.
  • [CREDENTIALS_UNSAFE] (SAFE): The skill provides detailed instructions on Snowflake JWT and RSA key-pair authentication. It correctly uses placeholders for sensitive information and provides proactive warnings against sharing credentials in logs or configuration files.
  • [DATA_EXFILTRATION] (SAFE): Analysis of the REST API guide and Cloudflare Workers templates shows no evidence of data exfiltration. All network operations are directed towards official Snowflake endpoints or user-defined infrastructure.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): The deployment agent ingests data from local project configuration files (snowflake.yml, manifest.yml). While this presents a theoretical indirect prompt injection surface, the risk is mitigated by the agent's limited scope and the use of the official snow CLI for processing.
    • Ingestion points: snowflake.yml, app/manifest.yml, app/setup_script.sql (referenced in agents/snowflake-deploy.md)
    • Boundary markers: Absent
    • Capability inventory: Bash tool usage for CLI operations and file inspection
    • Sanitization: Absent
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:43 PM