Snowflake CoCo is a coding agent that lives inside the data warehouse, and at Snowflake Summit on June 2, 2026, the company renamed it from Cortex Code and staked a sharper claim: an agent that executes SQL, dbt models, and pipelines end-to-end inside a governed data platform is a different category from a general coding agent pointed at a repository. It does the work, rather than suggesting it.
That claim has a test behind it. On ADE-Bench, the only open benchmark built specifically for analytics data-engineering tasks, Snowflake's CoCo run scored 72.1% versus 65.1% for both Anthropic Claude Code and OpenAI Codex. The benchmark is independently maintained by dbt Labs; the CoCo numbers are Snowflake's own measurements, not yet independently replicated. Both facts matter for how much weight you put on the 7-point gap.
This guide separates what is genuinely new from what is marketing. We cover what CoCo actually is, the human-on-the-loop execution model that distinguishes it from suggestion-style assistants, the benchmark story and its caveats, where warehouse-native helps and where its perimeter hurts, an honest security note, and a clear split on who should care: data teams, yes; marketing teams, mostly not yet. Every number below is attributed to a primary source.
- 01CoCo is Cortex Code, renamed at Summit.The product launched as Cortex Code on February 3, 2026 in London. The CoCo rebrand (short for Cortex Code) came June 2, 2026 at Snowflake Summit. Same product, new name, expanded surfaces — not a new launch.
- 02It executes, it does not just suggest.CoCo runs a four-step loop: interpret intent against the catalog with RBAC context, plan and route to the right tool, show the plan for review, then execute. Snowflake calls this human-on-the-loop — the agent acts and the human supervises.
- 03The 72.1% ADE-Bench result is the sharpest edge — and vendor-run.ADE-Bench is an independent dbt Labs benchmark of real data-engineering tasks. Snowflake's own CoCo run scored 72.1% vs 65.1% for Claude Code and Codex. No independent replication of the CoCo run has been published as of June 7, 2026.
- 04Warehouse-native is the feature and the limit.CoCo sees Snowflake's schema, RBAC, and lineage natively — capabilities general agents lack. But its context stops at Snowflake's perimeter: cross-system glossaries, column-level lineage across Fivetran or Airflow, and upstream data quality fall outside it.
- 05Who should care: data teams now, marketers later.If your team writes SQL and dbt against Snowflake daily, CoCo is directly relevant. If you are a marketing team that does not operate the warehouse, this is infrastructure underneath your analytics — worth understanding, not yet worth adopting.
01 — What It IsA coding agent that lives where the data lives.
CoCo is short for Cortex Code. The underlying product first shipped on February 3, 2026 in London as a generally-available CLI plus a Snowsight browser integration in preview, with nine early customers including WHOOP, LendingTree, United Rentals, and Braze. At Summit on June 2, 2026, Snowflake rebranded it CoCo and positioned it as the connective layer for building inside the platform — same product, broader ambitions.
What makes it distinct is not that it writes code. General coding agents do that well. It is whereit runs. From a natural language prompt, CoCo generates SQL queries, Python scripts, dbt models, Apache Airflow DAGs, ML pipelines, Streamlit apps, and even other AI agents — all inside Snowflake's governance perimeter, with native access to the schema, role-based access controls, and lineage. A general agent like Cursor or general coding agents like Claude Code and Cursor can target the same dbt repository, but they have no schema, RBAC, or lineage awareness unless you wire it in yourself.
The original product
GA CLI plus a Snowsight browser integration in preview. Nine early customers including WHOOP, LendingTree, United Rentals, and Braze. The CLI ran under the user's active Snowflake credentials from day one.
The Summit rebrand
Same engine, new name (Cortex Code → CoCo), plus a GA Desktop app, Automations for scheduled workflows, and serverless Cloud Agents in Snowsight. Snowflake describes it as its fastest-growing product.
02 — Execution ModelHuman-on-the-loop, not human-in-the-loop.
The architectural distinction worth internalizing is the loop. Most coding assistants — GitHub Copilot is the canonical example — are human-in-the-loop: the agent suggests, the human executes, one completion at a time. CoCo is human-on-the-loop: the agent plans and executes a full workflow while the human supervises. That is a category difference, not a feature comparison.
Atlan's technical breakdown describes CoCo's core as a four-step agent loop. First it interprets your intent and checks the catalog with RBAC context. Second it selects tools and plans — routing to Cortex Analyst for SQL generation, Cortex Search for object discovery, or lineage metadata as needed. Third it shows you the plan for review before acting. Fourth it executes with session context. The review step is what keeps a human on the loop: the agent does the work, but you see the plan before it runs.
The four-step execution loop vs suggestion-only assistants
Source: Atlan CoCo technical overviewCoCo Automations extends this from reactive prompting to scheduled operations. Teams can set recurring autonomous workflows — pipeline refreshes, data-quality checks, model retraining, operational investigations — all governed by Snowflake RBAC and backed by audit trails. Cloud Agents add serverless, browser-based execution in managed containers with persistent file systems for long-running jobs, requiring no local setup. The direction is clear: from assistant you prompt to operator you schedule.
"When building with AI becomes as simple as describing the outcome you want, the number of people who can contribute increases by orders of magnitude."— Christian Kleinerman, EVP Product, Snowflake (Summit 26)
03 — The BenchmarkADE-Bench: the first eval built for data work.
Most coding-agent coverage leans on SWE-Bench, which has effectively zero data-engineering tasks. ADE-Bench fills that gap. Created by Benn Stancil, founder of Mode, in collaboration with dbt Labs and published January 21, 2026, it evaluates agents on real-world dbt projects — messy schemas, broken pipelines, and deliberately vague tasks such as "it's broken." Each task runs in a Docker container, and success is measured by whether the dbt tests pass. That is a far harder, more honest test than clean toy schemas.
Against that benchmark, Snowflake reports that its CoCo run achieved a 72.1% pass rate, versus 65.1% for both Claude Code and OpenAI Codex — a 7-percentage-point gap. Snowflake also reports CoCo using 51% fewer tokens and completing tasks 8% faster than Claude Code on the same tasks. Those efficiency figures come from Snowflake's own benchmark runs; no independent replication has been published as of June 7, 2026. Read the 72.1% as "Snowflake's CoCo scored 72.1% on an independent benchmark," not as a settled verdict that CoCo beats Claude Code on data tasks.
ADE-Bench pass rates · CoCo vs general coding agents
Sources: Snowflake CoCo blog; dbt Labs ADE-BenchContext for the 56% baseline at the bottom: that is from dbt Labs' own original ADE-Bench publication, where OpenAI Codex with GPT-5.1 passed 56% of tasks at roughly $14.90 in cost, and Claude Sonnet 4.5 matched that rate at nearly identical cost. dbt Labs found that adding the dbt Fusion engine raised pass rates substantially, and layering MCP on top of Fusion improved efficiency without further raising the pass rate. The honest reading is that tooling and context matter as much as the underlying model — which is exactly the argument for a warehouse-native agent.
04 — The CategoryWarehouse-native vs repository-pointed.
The cleanest way to evaluate CoCo against the field is not by feature checklist but by two axes: the execution model (does the agent execute, suggest, or only complete?) and the governance model (does it enforce schema and access controls natively, by proxy, or not at all?). The table below maps CoCo, two general agents wired into Snowflake, an unwired general agent, and the dbt Fusion tooling that ADE-Bench measured. A data engineering manager can pick by trust model rather than by capability list.
| Agent | Execution model | Schema / RBAC | Context perimeter | ADE-Bench |
|---|---|---|---|---|
| Snowflake CoCo | Human-on-the-loop (plans + executes) | Native | Inside Snowflake | 72.1%* |
| Claude Code (via Cortex) | Human-on-the-loop (general repos) | Via integration | Repo + wired context | 65.1%* |
| GitHub Copilot (MCP to Snowflake) | Human-in-the-loop (suggests) | Proxied via MCP | Editor + MCP scope | — |
| Cursor (no native integration) | Human-in-the-loop (suggests) | None | Repository only | — |
| dbt Fusion + MCP | Tooling layer (not an agent) | Model-aware | dbt project graph | Raises baseline |
*ADE-Bench pass rates are from Snowflake's own benchmark run, not independently replicated as of June 7, 2026.
Read down the table and the pattern is clear. CoCo is the only row that is both human-on-the-loop and natively governed inside the data platform. A general agent can match the execution sophistication — Claude Code plans and executes too — but it sees the warehouse only through whatever integration you build. The trade is real on both sides: CoCo gives you native governance and loses portability across stacks; a repository-pointed agent gives you portability and makes you wire the governance yourself. If you are weighing this against the broader field, our analysis of the Q2 2026 coding platform landscape maps where each agent sits.
05 — VelocityFrom CLI to multi-surface platform in four months.
The build-out speed is itself a data point about roadmap credibility. CoCo went from a single CLI in February to a multi-surface platform by Summit. Note that the April 21 expansion was a pre-Summit update — it broadened Cortex Code to other stacks — and is distinct from the Summit announcements of Desktop, Automations, and Cloud Agents.
Cortex Code ships
Generally-available CLI plus a Snowsight browser integration in preview, launched in London. Nine early customers including WHOOP, LendingTree, United Rentals, and Braze. The scope was Snowflake plus dbt plus Airflow.
Reach expands beyond Snowflake
Pre-Summit update extending Cortex Code to AWS Glue, Databricks, Postgres, Apache Spark pipelines, and Apache Iceberg catalogs, plus a Skill Catalog (snowpark-python, snowpark-connect, dbt-projects-on-snowflake, dcm) and Snap & Ask visual interaction.
Cortex Code becomes CoCo
Summit 26 rename plus a GA Desktop app for macOS and Windows, Automations for scheduled autonomous workflows, and serverless Cloud Agents in Snowsight. Snowflake reports 7,100+ customer accounts, which it describes as its fastest-growing product.
By Summit, Snowflake reported CoCo reaching more than 7,100 customer accounts in roughly four months — a figure Atlan frames as more than half of the Snowflake customer base, against a platform total in the range of roughly 13,600 to 13,900 accounts. Treat "fastest-growing product in Snowflake's history" as a vendor claim rather than a verified fact: it cannot be checked against the historical growth curves of other Snowflake products, which are not public. The distribution surface count is more concrete — CoCo is available across six interfaces (Snowsight, Desktop, CLI, a VS Code extension, a Claude Code plugin, and an SDK), with MCP server support and Agent Client Protocol reaching 30-plus editors including Zed and JetBrains.
06 — The LimitWarehouse-native means it only knows what Snowflake knows.
The honest counterweight to the benchmark story is the perimeter. CoCo's native context is bounded by Snowflake's walls. Atlan's analysis — worth weighing against the fact that Atlan sells a context-layer product that addresses exactly these gaps — identifies four specific blind spots: cross-system business glossary definitions, column-level lineage spanning tools like Fivetran, Airflow, and BI layers, governance signals originating outside Snowflake, and data-quality metrics from upstream systems. If your organization's semantic truth lives across many tools, CoCo sees only the slice inside the warehouse.
Snowflake's own answer to this is Horizon Context, a two-layer semantic system announced alongside CoCo at Summit: a customer-managed layer (built partly on Snowflake's acquisition of Select Star, pulling metadata from Postgres, SQL Server, Tableau, and Power BI) plus a platform-derived layer, Cortex Sense, that auto-enriches from usage patterns. Snowflake claims 3x to 4x better response accuracy when Cortex Sense is active. That is a claim, not a published result — the methodology has not been released, so read it as "Snowflake claims" rather than "achieves."
IDC research director Devin Pratt, quoted by VentureBeat, frames why the perimeter question is the one to watch: agents are only as good as the data and semantics behind them, so the context layer, not the model, is the thing to watch right now. That is the strategic backdrop for CoCo. VB Pulse survey data VentureBeat cites shows hybrid-retrieval intent tripling from 10.3% of organizations in January 2026 to 33.3% in March among firms with 100+ employees — the fastest-growing strategic position in the dataset, and evidence that fragmented semantic layers are becoming a production problem.
07 — SecurityThe attack surface of an agent that runs under your credentials.
A warehouse-native agent that executes work runs under the user's active Snowflake credentials and touches production data. That is the source of its power and the shape of its risk. The concrete data point: PromptArmor disclosed a prompt-injection vulnerability in the Cortex Code CLI on March 16, 2026. A malicious README could cause the agent to execute arbitrary commands under the user's active credentials through a process-substitution bypass.
The responsible-disclosure detail matters as much as the vulnerability. Snowflake patched it in CLI v1.0.25 on February 28, 2026 — before the public disclosure on March 16. Snowflake subsequently added Cortex AI Guardrails, layered prompt-injection protections, sandboxing improvements, and prompt/response logging. No coverage of CoCo we reviewed addresses this honestly, so here is the balanced read: a sandbox escape was found, it was patched ahead of disclosure, and the episode is a reminder that any agent executing under live credentials against production data deserves the same threat modeling you would apply to a privileged service account.
"The notion that you need to put all your data in one platform and decide everything with that one vendor is a tale of the past. What we're offering is choice."— Christian Kleinerman, EVP Product, Snowflake (Diginomica)
08 — Who Should CareData teams now, marketers later.
The split is sharper than most coverage admits. CoCo is built for people who write SQL and dbt against Snowflake every day. If that is your team, it is directly relevant. If you are a marketing or growth team that consumes dashboards but does not operate the warehouse, CoCo is infrastructure underneath your analytics — worth understanding so you know what your data team can now do faster, but not something you adopt directly.
Daily SQL, dbt, and pipelines on Snowflake
This is the target user. Native schema, RBAC, and lineage awareness plus scheduled Automations can compress pipeline debugging and model work meaningfully. Run CoCo on your own messy projects before trusting the 72.1% headline — your repos are the only benchmark that decides it.
Semantics spread across many tools
If your business glossary, lineage, and data quality live across Fivetran, Airflow, BI tools, and more, CoCo's native context covers only the Snowflake slice. Weigh Horizon Context or a third-party context layer — and treat their accuracy claims as vendor-stated until you test them.
You read dashboards, not write models
CoCo is infrastructure beneath your reports. The relevant question is whether your data team's velocity improves, not whether you adopt a coding agent. Watch the output, not the tool.
Not your layer yet
A warehouse coding agent does not change a marketing workflow today. The agentic shift that does touch marketing is general-purpose coding agents and AI-built tooling — where the build-versus-buy decision is one we help teams make.
The forward read: CoCo is an early, credible instance of a broader pattern — agents moving from suggestion to governed execution inside the systems where work actually happens. For data teams, that pattern will keep maturing across the data stack regardless of which vendor wins. For everyone else, the lesson is to ask where in your stack an agent can execute under proper governance rather than just suggest in an editor. If you are mapping that question for your own organization, our AI transformation engagements start with exactly this kind of build-versus-buy and governance-first eval, and our analytics and data work covers the warehouse side directly. For the general-agent contrast, see our guide on building domain-specific agents with Claude Code.
09 — ConclusionA real category, with real edges.
A coding agent in the warehouse is a different category — not just a different feature set.
Snowflake CoCo is the clearest current example of a coding agent that executes governed work inside a data platform rather than suggesting edits in an editor. The rename from Cortex Code is cosmetic; the architecture is not. Human-on-the-loop execution, a four-step loop with native RBAC, and scheduled Automations are a genuine category distinction from suggestion-style assistants.
The benchmark story is the sharpest edge and the one to handle most carefully. ADE-Bench is a credible, independent test of real data work; the 72.1% versus 65.1% result is Snowflake's own run, not independently replicated. The perimeter is the honest limit: CoCo knows what Snowflake knows, and cross-system semantics, lineage, and upstream data quality fall outside it. The security episode is the reminder: an agent that executes under live credentials against production data is a privileged actor and deserves the threat modeling that implies.
The decision is simpler than the hype. If your team operates a Snowflake warehouse, evaluate CoCo on your own messy projects and let your repositories settle the benchmark question. If you do not, watch the pattern rather than the product — governed execution inside the systems where work happens is the direction, and CoCo is one early, credible signal of where agentic development is going.