MCPVet
Low
Outbound network 1
Environment variables (config / keys) 2
AI review
This is a deprecated community MCP server for Snowflake Cortex AI that performs legitimate database operations. It accesses environment variables for authentication and makes network requests to Snowflake APIs, which is expected behavior. No hidden instructions, prompt injection, or data exfiltration mechanisms were found.
Model: deepseek-chat
Static findings
Outbound network · Makes outbound network requests
low
mcp_server_snowflake/cortex_services/tools.py:81
response = requests.post(
Environment variables (config / keys) · Reads environment variables (config / API keys)
low
mcp_server_snowflake/server.py:224
return os.getenv(
low
mcp_server_snowflake/utils.py:48
if os.environ.get("SNOWFLAKE_PAT") and not os.environ.get("SNOWFLAKE_PASSWORD"):
Scanning every extension your team installs?
Pro & Team add monitoring, private scans, and a CI gate for unsafe extensions.
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.