B

Snowflake MCP Server

Snowflake's official Snowflake-managed MCP server (Cortex), GA November 2025, created as a first-class object inside a Snowflake account. Exposes Cortex Search, Cortex Analyst, Cortex Agent invocation, SQL execution (with a read-only option), and custom UDFs/procedures. OAuth 2.0 (PAT also supported) over HTTP. Replaces the community faressoft/snowflake-mcp; Snowflake's own older self-hosted Snowflake-Labs/mcp is deprecated. Note: scores other than authentication are a provisional assessment from Snowflake's documentation pending a live tool-level audit.

Overall Score75/100

Score Breakdown

Server Info

Package
Per-account <account_url>/api/v2/.../mcp-servers/<name>
Registry
remote
Maintainer
SnowflakeVendor
Category
Analytics & Data
Tags
data-warehousesqlanalyticshostedoauth
Last Scanned
7 Apr 2026

Findings

3 issues

Authentication & Identity

LOWImplements MCP OAuth spec for per-user authentication

Official Snowflake-managed MCP server (GA 2025-11-04), a first-class object inside the customer's Snowflake account. OAuth 2.0 via Snowflake's built-in OAuth service is the recommended method (programmatic access tokens also supported). HTTP transport (non-streaming responses). Snowflake deprecated its own earlier self-hosted Snowflake-Labs/mcp in favor of this.

Remediation

Document the required OAuth scopes for each tool.

Tool Schema Quality

MEDIUMTool schemas not independently audited

The hosted server has no public source repository, so tool input schemas, required fields, and parameter constraints could not be verified directly. Provisional score pending a live tool-level audit.

Remediation

Run a live audit against the hosted endpoint to enumerate and score tool schemas.

Data Exposure

MEDIUMPagination and field selection not verified

Whether list operations paginate and support field selection could not be verified without a live audit of the hosted tool surface.

Remediation

Audit list operations for pagination and field-selection support.

Deploy Snowflake MCP Server securely

CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.

Deploy on CompleteFlow