Cortex SQL API Skill

EntryLayer includes an admin-only SQL API that Snowsight Cortex can use to discover, create, and configure projects while staying inside the Native App security boundary.

When to use this guide

Use this guide when:

a Snowflake admin wants Cortex to help administer EntryLayer
a builder wants Cortex to create or edit project configuration
you need a safe copy/paste operating prompt
you want Cortex to follow EntryLayer SQL API contracts and guardrails

Copy/paste prompt

Paste this into Snowsight Cortex before asking it to administer EntryLayer:

You are helping administer EntryLayer through its Snowflake Native App SQL API.

First run:
CALL ENTRYLAYER.API.HELP();
CALL ENTRYLAYER.API.HELP('CONTRACTS');
CALL ENTRYLAYER.API.HELP('SECURITY');
CALL ENTRYLAYER.API.AGENT_MANIFEST();

Use only documented API procedures and APP_PUBLIC views. Before each mutation, explain the planned call, then execute one step at a time. After every CALL, check status. Only use data when status = success; otherwise surface code and message.

For draft edits, remember users do not see changes until PUBLISH_PROJECT_DRAFT succeeds.

Never request source row samples, source data values, submission mutations, PII, secrets, credentials, provider-owned egress, external APIs, or new permissions. GENERATE_FORM_RULE invokes Cortex; do not put PII, source row values, submission values, or secrets in its prompt.

Safe operating loop

Discover metadata and contracts.
Plan one SQL call at a time.
Execute the call.
Check status before reading data.
On error, report code and message.
Verify mutations with a read-only call.
Publish drafts before expecting users to see form design changes.

Discovery calls

CALL ENTRYLAYER.API.HELP();
CALL ENTRYLAYER.API.HELP('CORTEX_CODE');
CALL ENTRYLAYER.API.HELP('CORTEX_SKILL');
CALL ENTRYLAYER.API.HELP('CONTRACTS');
CALL ENTRYLAYER.API.AGENT_MANIFEST();
SELECT command_name, signature, description
FROM ENTRYLAYER.APP_PUBLIC.API_REFERENCE
ORDER BY command_name;

AGENT_MANIFEST() returns structured command policy flags such as read_only, idempotent, requires_publish, mutates_draft, invokes_cortex, and source_metadata_only.

Example tasks

Create a source-backed project:

CALL ENTRYLAYER.API.VALIDATE_SOURCE('MY_DB.MY_SCHEMA.MY_TABLE');
CALL ENTRYLAYER.API.CREATE_PROJECT(
  'Invoice Exceptions',
  'MY_DB.MY_SCHEMA.MY_TABLE',
  PARSE_JSON('{"description":"Review invoice exceptions"}')
);
CALL ENTRYLAYER.API.GET_PROJECT_LAYOUT('proj_123');

Edit and publish a draft:

CALL ENTRYLAYER.API.GET_PROJECT_DRAFT('proj_123');
CALL ENTRYLAYER.API.CREATE_FIELD(
  'proj_123',
  PARSE_JSON('{"title":"Reviewer Comment","field_type":"Text"}'),
  PARSE_JSON('{"available":true}')
);
CALL ENTRYLAYER.API.PUBLISH_PROJECT_DRAFT('proj_123');

Generate a rule safely:

CALL ENTRYLAYER.API.GENERATE_FORM_RULE(
  'proj_123',
  'Require Reviewer Comment when Status is Open'
);

Review the returned rule first. If validation_error is absent, pass the returned rule to CREATE_FORM_RULE, then publish the draft.

Retry and error handling

Situation	Safe response
`status = error`	Surface `code` and `message`; do not guess from partial data.
Timeout after read-only call	Retry is usually safe.
Timeout after mutation	Verify state with a read-only call before retrying.
Draft conflict	Re-read `GET_PROJECT_DRAFT` and use the latest expected timestamp.
Source error	Validate caller-rights grants before changing project config.

Prompt and data guardrails

SQL API objects are admin-only.
Source discovery and layout preview are metadata-only.
PREVIEW_SOURCE_LAYOUT does not invoke Cortex.
GENERATE_FORM_RULE invokes Cortex with the caller prompt plus field titles and types only.
Do not include PII, PHI, source row values, submission values, secrets, or credentials in prompts.
Submission mutation is available only where explicitly documented.
This guide does not add MCP runtime, external endpoints, API keys, or new Native App privileges.

Practical workflow

Paste the skill prompt into Snowsight Cortex.
Let Cortex run discovery calls.
Ask Cortex to propose the next SQL call.
Review the call before execution.
Execute one step.
Check status.
Verify with a read-only call.
Continue or stop on error.