An AI knowledge management agent with a web interface, zettelkasten knowledge graph ingestion, document approval workflow, optional web search, and a skills system — powered by the Snowflake Cortex Agent API.
A DuckDB-powered SQL shell for Iceberg REST catalogs and DuckLake metastores — profile-based connection management, psql-style meta-commands, and an MCP server so LLM agents can query your catalogs directly.
A full Iceberg REST Catalog proxy that materialises DuckLake’s snapshot state into Iceberg manifests on demand — giving standard Iceberg clients (PyIceberg, DuckDB, Trino, Spark) read/write access to a DuckLake-backed lakehouse.
KV cache is the memory wall that limits context length on consumer hardware. TurboQuant shrinks it 5x with minimal quality loss — here’s a ready-to-run build that packages llama.cpp with TurboQuant KV compression into a single conda install.
How to build a multi-site VPN mesh with SoftEther – connecting an on-premise network, an AWS VPC, and an Azure VNet through a central VPN hub. Full setup: SoftEther server, TAP interfaces, iptables routing, dnsmasq, and site-to-site bridge configuration.
A comprehensive deep dive into Snowflake Container Services — security architecture, compute isolation, ingress/egress controls, PAT authentication, CORS, private connectivity, and tunneling approaches (SSH, WebSocket, Tailscale, ngrok) to connect SPCS to your own infrastructure.
How to establish persistent, bidirectional SSH tunnels from Snowflake Container Services to any machine you control — using base64-encoded keys in Snowflake Secrets, autossh for resilience, reverse port forwards, and nginx to expose SPCS services with SSL on your own domain.
RBAC tells you if a role can access a table. But can this agent invoke this tool on this data for this purpose? The industry is building the pieces — Cedar, Proofpoint, Cisco, Immuta — but the unified policy engine that evaluates all attributes across all layers doesn’t exist yet.
A complete data lake with row-level access control, S3 storage, and SQL analytics — managed entirely through pixi, running on Hetzner for under 10 euros a month.
Snowflake’s managed MCP servers work with external OAuth tokens — JWT-signed, role-scoped, and RBAC-enforced. Tested end-to-end with tool discovery and SQL execution.
Google’s TurboQuant compresses embedding vectors to 3-4 bits with under 2% recall loss — no training required. Here’s why that matters for AI agent memory systems.
Signing alone wouldn’t have stopped the LiteLLM backdoor — the attacker used the real credentials. This article explores a layered defense architecture for the Python and conda supply chain: Sigstore signing, Anaconda curation, Chainguard rebuilt-from-source, and runtime containment.
A pluggable semantic memory layer for AI agents inspired by the Zettelkasten method — auto-linking, importance scoring, and graph traversal across CrewAI, LangGraph, and Claude Code.
Snowflake provides a unified Zero Trust control plane for both data and AI inference. This blueprint maps Snowflake and Cortex to NIST 800-207, CISA’s Zero Trust Maturity Model, and OMB M-22-09 — one governance layer, one policy stack, no shadow AI.
A proof-of-concept that layers authentication, encryption, and multi-agent coordination onto MCP — with four security tiers from API keys to enterprise OAuth2 with audit trails.
A set of Rust-backed extensions for the Robyn web framework — Pydantic v2 validation, JWT/OAuth2 auth, token-bucket rate limiting, and auto-generated OpenAPI docs. Sub-microsecond overhead.
Four sample methods for managing encryption keys in Snowflake — from session variables to cloud KMS to HYOK key wrapping — ensuring sensitive data is protected with keys you control. Compatible with Postgres pgcrypto.
How to send security alerts from Snowflake directly to your SIEM using native webhook notification integrations — with working examples for Splunk HEC and Microsoft Sentinel, plus a hybrid approach for dynamic OAuth tokens.
How to execute SQL across Snowflake accounts using the SQL API with OAuth — covering Client Credentials (Entra ID), Self-Signed JWT (GCP), PAT, and Key-Pair authentication with full architecture diagrams and code.
An open-source skill that teaches any AI coding agent — Cortex Code, Claude Code, or others — to automate Google Slides, Sheets, Docs, Drive, and Forms using natural language prompts.