What it does
Snowflake Warehouse Cost Optimizer is a FinOps agent for data engineering and cost-management teams. It queries ACCOUNT_USAGE.WAREHOUSE_METERING_HISTORY and ACCOUNT_USAGE.QUERY_HISTORY to surface idle compute (4+ hours inactive) and the top 20 most expensive queries by execution_time times credits_used, then produces prioritized recommendations and estimated monthly savings (with a plus/minus 15% margin disclaimer). Output can be written to Google Sheets and posted to a Slack channel. Guardrails ensure no warehouse is ever automatically suspended — all actions require manual review, and production warehouses (prod_* prefix) are always downgraded to watch-only status. Built for data platform and FinOps teams who want automated Snowflake cost visibility instead of manually querying ACCOUNT_USAGE views.
Example prompts
- Run the full Snowflake cost analysis and post it to Slack
- Which warehouses are idle and should be auto-suspended?
- Show me the most expensive queries this month
- Estimate monthly savings from idle warehouse credits
Tools (8)
Tools the agent exposes — your AI client calls them automatically when it needs them.
- run_full — Run the Snowflake cost optimizer end-to-end: collect ACCOUNT_USAGE data, analyze idle warehouses and expensive queries, synthesize an LLM narrative.
- analyze_data — Given a RawData object, run pure deterministic analysis and return scored findings, recommendations, and savings estimates. No LLM.
- list_warehouses — List Snowflake warehouses from provided metering data with idle status, credit usage, and auto-suspend recommendations.
- flag_queries — Identify expensive queries from provided QUERY_HISTORY data, ranked by cost score.
- estimate_savings — Compute estimated monthly savings in USD for a list of warehouses.
- list_capabilities — List the agent's static capabilities, credential slots, and guardrails.
- plan_inputs — Plan/brainstorm the inputs for a tool: returns questions, schema and a ready-to-edit example.
- discover_intent — Understand your goal and co-design the exact input via clarifying questions before running.
What you'll need to connect
This agent will ask you for the following. You enter them when you connect — they're encrypted and never shared with the creator.
- Snowflake Account · optionalSnowflake account identifier (e.g. xy12345.us-east-1).Get this from *.snowflakecomputing.com's account or API settings.Paste the value as a single line.Only sent to: *.snowflakecomputing.com
- Snowflake Username · optionalSnowflake username for ACCOUNT_USAGE access.Get this from *.snowflakecomputing.com's account or API settings.Paste the value as a single line.Only sent to: *.snowflakecomputing.com
- Snowflake Private Key · optionalRSA private key (PEM or base64) for Snowflake key-pair authentication.Get this from *.snowflakecomputing.com's account or API settings.Paste the value as a single line.Only sent to: *.snowflakecomputing.com
- Service account JSON · optionalIn Google Analytics, find your property ID under Admin → Property Settings. Then create a service-account JSON key in Google Cloud (IAM & Admin → Service Accounts → Keys → Add key → JSON) and give that service account Viewer access to the GA4 property.Paste the full JSON of your service-account key file (not a file path). FindAgent stores it securely and gives the agent a file path to it.Only sent to: sheets.googleapis.com, oauth2.googleapis.com
- Slack Bot Token · optionalOptional. Slack Bot Token with access to the #data-platform channel.Create a Slack app (api.slack.com/apps), add the scopes the agent needs, install it to your workspace, and copy the bot/user token.Paste the value as a single line.Only sent to: slack.com
- Anthropic API Key · optionalOptional. Leave blank on a sampling-capable client to use the host model with no key.Create a key on the Anthropic Console API keys page (console.anthropic.com → API keys).Paste the value as a single line.Only sent to: api.anthropic.com
How you're protected
FindAgent runs these safety checks on every agent automatically. They're always on and can't be turned off.
- Prompt-injection scanning
Every request is checked for known prompt-injection and jailbreak attempts before the agent runs. This is always on.
- Secret-leak scanning
Every response is scanned for leaked API keys, tokens, and other secrets before it reaches you. This is always on.