Every MCP tool in the SCOPE compliance index, grouped by server — risk posture, regulatory exposure, and the tools that warrant tighter governance.
Snowflake
2 critical 3 high 1 med · 6 tools · 3 SoD-flagged
regimes APPICCPACOSOGDPRISO_27001LGPDNIST_CSFPIPEDAPIPLPOPIASOC2SOXUK_GDPR
Tools needing tighter control (6 of 6)
snowflake.SYSTEM_EXECUTE_SQL critical conf highhuman approval
Runs arbitrary SQL with the connected role's full privileges; can read or modify any table the role can reach.
snowflake.sql_exec_tool critical conf highhuman approval
Canonical Snowflake-published name for the SQL execution tool; same blast radius as SYSTEM_EXECUTE_SQL.
snowflake.CORTEX_SEARCH_SERVICE_QUERY high conf highOBO
Queries indexed unstructured content (documents, support cases, contracts) via Cortex Search; can surface PII or proprietary text.
snowflake.CORTEX_ANALYST_MESSAGE high conf highOBO
Natural-language query over a semantic view; returns structured business metrics that can include revenue or PII.
snowflake.CORTEX_AGENT_RUN high conf mediumhuman approval
Invokes a managed Cortex Agent which can in turn call SQL, search, and custom tools; effective privileges are the agent's.
snowflake.GENERIC medium conf lowaudit
Catch-all type for user-defined functions and stored procedures exposed as MCP tools; risk depends on the UDF body.