DecisionBox
Autonomous AI Discovery For Your Data — Open Source
99 followers
Autonomous AI Discovery For Your Data — Open Source
99 followers
DecisionBox is an open-source project and connects to your data warehouse, runs autonomous AI agents that write and execute SQL, and surfaces validated insights and actionable recommendations, without you asking a single question.
This is the 7th launch from DecisionBox. View more
DecisionBox for Snowflake
Launching today
DecisionBox connects to Snowflake in minutes. No schema migration, no pipeline. Read-only by role. Runs on the warehouse you pick, with the cost controls you already trust. Key-pair JWT auth for production. Open-source AGPL v3.
Launch Team
DecisionBox
Hey PH, Selçuk here from DecisionBox,
If you're on Snowflake and you've evaluated AI-on-warehouse tools, you've probably had the same conversation with your security team twice. The first time was about how the BI tool talks to Snowflake. The second was about how dbt talks to Snowflake.
The third one about an AI agent, usually doesn't go well, because the agent wants more access than the first two combined.
We built DecisionBox for Snowflake to make that third conversation a non-conversation.
Read-only, scoped by Snowflake role. The agent connects with a role you choose, typically USAGE on the warehouse, SELECT on the schemas you opt in to, and nothing more. Snowflake's RBAC is the boundary. The agent cannot reach anything the role doesn't grant.
Runs on the warehouse you pick. The size, the auto-suspend, the resource monitor, the spending limit you've already configured all apply to the agent the same way they apply to your BI tools and dbt jobs.
Key Pair JWT auth for production. No long-lived password sits on the agent. DecisionBox signs a short-lived JWT for each session, the same machine-to-machine flow Snowflake recommends for any service integration. Rotation is a Snowflake-side action.
If your security team has already approved how the rest of your stack talks to Snowflake, they have already approved DecisionBox.
The whole Snowflake provider is in the public repo, AGPL v3, the role-scoped auth, the JWT signing, the SQL the agent writes.
Same agent runs against BigQuery, Redshift, Postgres, Databricks, and MSSQL too. If your stack moves, your DecisionBox install moves with it.
Happy to dig into the auth flow, the role grants, or anything else in the comments.
DecisionBox
Worth saying why Snowflake got its own polish pass;
A lot of AI-on-data tools treat warehouses as interchangeable. They aren't. Snowflake has the most mature RBAC story of any cloud warehouse, the cleanest auth flow for service integrations (Key Pair JWT), and the best per-warehouse cost isolation. If you build for Snowflake properly, the security and finance conversations are about ten times shorter than on warehouses where you have to bolt that stuff on yourself.
So we built the Snowflake provider to actually use what Snowflake gives you, instead of treating it like Postgres-with-a-different-port. Role-scoped access, warehouse-scoped cost, JWT rotation handled where Snowflake expects it.
The same engine works on the other warehouses we support, but the Snowflake path is the one we'd point a security-conscious enterprise at first.