Cortex & AI Boundary
EntryLayer uses Snowflake Cortex for supported AI-assisted work such as form generation and rule assistance. The goal is to help admins build EntryLayer projects faster without changing the customer data boundary.
When this matters
Section titled “When this matters”Use this page when:
- enabling Cortex-backed features during Native App setup
- asking Cortex to administer EntryLayer through the SQL API
- reviewing Marketplace/security posture for AI usage
- writing prompts for form design or rule generation
Where Cortex is used
Section titled “Where Cortex is used”| Surface | Purpose | Data boundary |
|---|---|---|
| Project/form generation | Build an initial form layout from source metadata. | Uses source metadata, not source row samples. |
| Rule generation | Propose form rules from user instructions and field metadata. | Uses caller prompt plus field titles/types. |
| SQL API skill workflow | Helps Cortex discover safe commands and contracts. | Uses HELP() and AGENT_MANIFEST() metadata. |
Prompt context
Section titled “Prompt context”| Allowed context | Do not include |
|---|---|
| Source object names when needed for setup | Source row values |
| Column names and data types | Submission values |
| Field titles and field types | PII, PHI, secrets, credentials |
| User-provided layout instructions | Passwords, tokens, connection strings |
| Business rules written at a policy level | Provider-owned external API instructions |
If a prompt needs an example, use synthetic values instead of copied customer data.
SQL API guardrails
Section titled “SQL API guardrails”For Cortex-assisted SQL administration:
CALL ENTRYLAYER.API.HELP();CALL ENTRYLAYER.API.HELP('CONTRACTS');CALL ENTRYLAYER.API.HELP('SECURITY');CALL ENTRYLAYER.API.AGENT_MANIFEST();AGENT_MANIFEST() tells agents which commands are read-only, idempotent, draft-mutating, publish-sensitive, source-metadata-only, or Cortex-invoking.
The key AI-related SQL API rules are:
PREVIEW_SOURCE_LAYOUTis deterministic and does not invoke Cortex.GENERATE_FORM_RULEinvokes Cortex but returns a proposed rule; review before saving it.- Source discovery procedures are metadata-only.
- Draft edits require
PUBLISH_PROJECT_DRAFTbefore users see changes. - Submission mutation should be used only where explicitly documented.
Runtime boundary
Section titled “Runtime boundary”EntryLayer’s current package uses Snowflake Cortex for supported AI features. It does not require a provider-owned external LLM endpoint, external access integration, API key, or network rule for normal AI-assisted product use.
The installed application needs the Snowflake Cortex database role setup described in the Native App installation flow. See Native App Security Model for the privilege summary.