cortex-classify-notebook

[Skill Scanner] Instruction to copy/paste content into terminal detected This skill's actions are coherent with its stated purpose: uploading a tutorial notebook into a Snowflake account and creating a Snowsight link. It does require potentially high privileges (falls back to ACCOUNTADMIN and creates DB/WH resources) and instructs overwriting existing staged files without interactive confirmations — both are operational risks rather than indicators of malware. I found no evidence of credential harvesting, obfuscated code, or exfiltration to third-party domains. Recommend: (1) inspect the notebook file contents before upload to ensure it contains no secrets, (2) avoid running ACCOUNTADMIN fallback in production accounts, and (3) add explicit confirmations for destructive or high-privilege steps. LLM verification: This Skill is purpose-aligned: its documented capabilities line up with deploying a Jupyter notebook to Snowflake. There is no direct evidence of malware or exfiltration to third-party hosts. However there are notable security concerns: the fallback path requests ACCOUNTADMIN and creates databases/warehouses (privilege escalation beyond minimal needs), and the guidance to proceed without interactive confirmation increases risk of unattended or automated misuse. The operator's snow CLI credential