Deploy OpenClaw on Snowflake
in minutes.

SnowClaw is a CLI that scaffolds, configures, and deploys a fully-wired OpenClaw instance on Snowflake Container Services. Safe by default. One command to production.

Get started View on GitHub

Apache-2.0Python 3.10+Deny-by-default egress

Safe to run in your Snowflake account by default.

Outbound traffic is deny-by-default. Credentials never reach the model. Config files are root-owned and read-only at runtime. The agent runs under a dedicated service role with minimal privileges.

Network egress control — only approved hosts get Snowflake network rules.
Secret masking — the Cortex proxy scrubs known secrets from every outbound LLM message.
Role separation — admin role deploys infra; the container runs under a least-privileged service role.
Config lockdown — the agent can't modify its own config or credentials.

One command from zero to production.

An interactive wizard collects credentials, generates config, and optionally provisions every Snowflake object via REST API. No snowsql. No Dockerfile editing. No YAML.

Interactive setup — credentials, roles, channels, and tools in a guided flow.
Auto-provisioning — database, schema, image repo, compute pool, secrets, and network rules created for you.
Local dev parity — snowclaw dev runs the same stack with Docker Compose.
Push, pull, deploy — sync skills, config, and secrets to SPCS without rebuilds.

Batteries included

Everything you need to run agents on Snowflake.

SnowClaw layers deployment config, a proxy sidecar, and SPCS infrastructure on top of upstream OpenClaw — no fork required.

Dynamic network rules

Auto-detects required egress hosts from your config, diffs against what's applied, and only permits what you approve.

Secret masking

A sidecar scans every outbound LLM payload and replaces known secret values with [REDACTED:VAR_NAME] before they leave the account.

Cortex proxy sidecar

Dual endpoints for OpenAI-shaped and Anthropic-shaped requests. Native prompt caching for Claude. Transparent retries on 429s.

Multi-channel messaging

Slack, Telegram, and Discord supported out of the box. snowclaw channel add walks you through credentials and network rules.

Build hooks

Drop a .sh script into build-hooks/ to install packages or tools at image build time. No Dockerfile edits required.

Plugin system

npm packages or local paths — add a plugin with snowclaw plugins add and it lands in the container on next deploy.

Architecture

A single ingress. Two containers. No open ports.

Snowflake handles TLS termination and authentication. The agent and the Cortex proxy run side-by-side in one SPCS service. All traffic — UI, WebSocket, plugin routes, LLM calls — flows through a single managed endpoint.

Slack / Telegram / Discord

Browser / UI clients

HTTPS / WebSocket

SPCS Ingress

:18789

OpenClaw Gateway

· Web UI
· WebSocket RPC
· /v1/* OpenAI-compat API
· Plugin HTTP routes

Cortex Proxy Sidecar:8080

· /v1/chat/completions (OpenAI)
· /v1/messages (Claude, native cache)
· Secret masking
· 1M context headers

Snowflake Cortex LLMs

Quick start

Three steps to a running agent.

01
Install the CLI
One curl command. Clones the repo, registers the snowclaw binary via pipx, and re-runs pull updates on subsequent invocations.
```
$ curl -fsSL https://raw.githubusercontent.com/JacobScott98/SnowClaw/main/install.sh | bash
```
02
Run the setup wizard
An interactive wizard collects your Snowflake account, credentials, roles, and channels. Optionally provisions all SPCS objects for you.
```
$ mkdir my-openclaw && cd my-openclaw$ snowclaw setup
```
03
Deploy to Snowflake
snowclaw deploy builds both images, pushes them to your Snowflake image repository, uploads config to the stage, and creates the SPCS service.
```
$ snowclaw deploy
```

Ready to ship an agent on Snowflake?

Install SnowClaw and you'll have a fully-wired OpenClaw instance running on SPCS before your coffee gets cold.

Walk through the setup Star on GitHub

Deploy OpenClaw on Snowflakein minutes.