cortex-code

SUSPICIOUS. The core Snowflake-routing purpose is plausible and the Cortex CLI appears to be an official Snowflake tool, so this is not confirmed malware. However, the skill broadens scope by reading local session history, forwarding enriched context to an external agentic CLI, and enabling auto-approved tool execution with a full-access DEPLOY mode that is disproportionate for a Snowflake helper.