ContextThe Snowflake Cortex Code CLI is a command-line coding agent that operates similarly to Claude Code and OpenAI’s Codex, with an additional built-in integration to run SQL in Snowflake. Two days after release, a vulnerability was identified in Cortex Code’s command validation system that allowed specially constructed malicious commands to: Execute arbitrary commands without triggering human-in-the-loop approval steps Execute those commands outside of the Cortex CLI’s sandbox. We demonstrat...