Command Allowlists Cannot Stop Hackers — The Snowflake Cortex AI Hack

Why Should You Care? Because I use the same tool stack every day - OpenClaw, coding agents, exec tools. If you think adding a "command allowlist" protects you, this article is for you. What Happened Feb 2, 2026: Snowflake launches Cortex Code CLI - a command-line coding agent with built-in Snowflake database integration. Feb 5 (3 days later): Security researchers PromptArmor find and responsibly disclose the vulnerability. Feb 28: Snowflake releases fix in v1.0.25. Mar 16: Full public disclosure. How the Attack Worked The technique was simple, but the defenders never saw it coming.