feat: add Snowflake Cortex as an AI provider (#349)

* feat: add Snowflake Cortex as an AI provider

Adds `snowflake-cortex` as a built-in provider using Programmatic Access
Token (PAT) auth. Users authenticate by entering `<account>::<token>` once;
billing flows through Snowflake credits. Includes Claude, Llama, Mistral,
and DeepSeek models with Cortex-specific request transforms (max_completion_tokens,
tool stripping for unsupported models, synthetic SSE stop to break the AI
SDK's continuation-check loop when Snowflake rejects trailing assistant messages).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: harden Snowflake Cortex provider with `altimate_change` markers and edge case fixes

- Add `altimate_change` markers to all upstream-shared files (`provider.ts`,
  `schema.ts`, `plugin/index.ts`) to prevent overwrites on upstream merges
- Validate account ID against `^[a-zA-Z0-9._-]+$` to prevent URL injection
- Remove `(auth as any).accountId` casts — use proper type narrowing
- Fix `env` array: `SNOWFLAKE_PAT` → `SNOWFLAKE_ACCOUNT` (matches actual usage)
- Fix `claude-3-5-sonnet` output limit: `8096` → `8192`
- Strip orphaned `tool_calls` and `tool` role messages for no-toolcall models
- Use explicit `Array.isArray(tool_calls)` check for synthetic stop condition
- Remove zero-usage block from synthetic SSE to avoid broken token accounting
- Handle `ArrayBuffer` body type in fetch wrapper
- Reduce PAT expiry from 365 → 90 days (matches Snowflake default TTL)
- Add 14 new test cases covering URL injection, orphaned tool_calls, empty
  tool_calls array, SSE format validation, missing messages, and env/output limits

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: require oauth auth for snowflake-cortex, don't expose account as credential

Addresses CodeRabbit review comments:
- Require `auth.type === "oauth"` before autoloading — env-only `SNOWFLAKE_ACCOUNT`
  no longer makes the provider look configured without a PAT
- Set `env: []` so `state()` env-key scan doesn't treat account name as an API key
- Validate account from env fallback against `^[a-zA-Z0-9._-]+$`
- Add test: env-only without oauth does NOT load the provider
- All provider tests now set up/teardown oauth auth properly via save/restore
- Update env array assertion: `toContain("SNOWFLAKE_ACCOUNT")` → `toEqual([])`

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: address consensus code review findings

Fixes from 6-model consensus review (Claude, GPT 5.2, Gemini 3.1,
Kimi K2.5, MiniMax M2.5, GLM-5):

- Gate synthetic SSE stop on `stream !== false` to avoid returning SSE
  format for non-streaming requests (Major, flagged by GPT 5.2 Codex)
- Delete `content-length` header after body mutation to prevent
  length mismatch (Minor, flagged by GPT 5.2/Kimi/Gemini consensus)
- Export `VALID_ACCOUNT_RE` from `snowflake.ts` and import in
  `provider.ts` to eliminate duplicated regex (Minor, flagged by GLM-5)
- Add `claude-3-5-sonnet` to toolcall capability test (Kimi K2.5)
- Add 3 new tests: `stream: false` skips synthetic stop, `stream: true`
  triggers it, absent `stream` field defaults to streaming behavior

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* test: add Cortex E2E tests and sanitize hardcoded credentials

- Add `cortex-snowflake-e2e.test.ts` with 16 E2E tests for the Snowflake
  Cortex AI provider: PAT auth, streaming/non-streaming completions, model
  availability, request transforms, assistant-last rejection, PAT parsing
- Tests skip via `describe.skipIf` when `SNOWFLAKE_CORTEX_PAT` is not set
- Remove hardcoded credentials from `drivers-snowflake-e2e.test.ts` docstring
  — replaced with placeholder values

Run with:
  export SNOWFLAKE_CORTEX_ACCOUNT="<account>"
  export SNOWFLAKE_CORTEX_PAT="<pat>"
  bun test test/altimate/cortex-snowflake-e2e.test.ts --timeout 120000

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: update Cortex models from E2E testing against real Snowflake API

Verified against Snowflake account ejjkbko-fub20041 with cross-region
inference enabled. Key findings and fixes:

Model list changes (from real API probing):
- Replace `llama3.3-70b` (unavailable) with `snowflake-llama-3.3-70b`
- Add `llama3.1-70b`, `llama3.1-405b`, `llama3.1-8b`, `mistral-7b`
- All 10 models verified against live Cortex endpoint

Tool calling fix:
- Switch from blocklist (`NO_TOOLCALL_MODELS`) to allowlist
  (`TOOLCALL_MODELS`) — only Claude models support tool calls on Cortex,
  all others reject with "tool calling is not supported"

E2E test improvements (24 tests, all pass against live API):
- Test all 10 registered models for availability and response shape
- Tool call support test: Claude accepts, non-Claude rejects
- DeepSeek R1 reasoning format test (`<think>` tags in content)
- Support key-pair JWT auth (no PAT required)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* feat: add OpenAI and additional Claude models from Snowflake Cortex docs

From official Snowflake documentation (docs.snowflake.com):

New models added (19 → 28 total):
- OpenAI: `openai-gpt-4.1`, `openai-gpt-5`, `openai-gpt-5-mini`,
  `openai-gpt-5-nano`, `openai-gpt-5-chat`, `openai-gpt-oss-120b`
- Claude: `claude-opus-4-6`, `claude-sonnet-4-5`, `claude-opus-4-5`,
  `claude-4-sonnet`, `claude-4-opus`, `claude-3-7-sonnet`
- Meta: `llama4-maverick`, `mistral-large`

Tool calling update:
- Per docs: "Tool calling is supported for OpenAI and Claude models only"
- Updated `TOOLCALL_MODELS` allowlist to include all OpenAI + Claude IDs

Note: OpenAI models were not available on this test account (returned
"unknown model") but are documented in the Cortex REST API reference.
Availability depends on region and account configuration.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: verify model availability via live API, remove broken models

Probed all 28 documented models against ejjkbko-fub20041 with
cross-region enabled:

Verified working (13):
- Claude: claude-sonnet-4-6, claude-opus-4-6, claude-sonnet-4-5,
  claude-opus-4-5, claude-haiku-4-5, claude-4-sonnet, claude-3-7-sonnet,
  claude-3-5-sonnet
- OpenAI: openai-gpt-4.1, openai-gpt-5, openai-gpt-5-mini,
  openai-gpt-5-nano, openai-gpt-5-chat
- OpenAI tool calling confirmed working (get_weather test)

Removed from registration (kept as comments):
- claude-4-opus: 403 "account not allowed" (gated)
- openai-gpt-oss-120b: 500 internal error (not stable)

Also verified:
- llama4-maverick, mistral-large: working
- GPT-5 preview variants return 200 but empty content (preview)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* docs+test: pre-release — docs, test gaps, and full model validation

Documentation:
- Add Snowflake Cortex section to docs/configure/providers.md with
  auth instructions, model table, and cross-region note
- Add Snowflake Cortex to model format reference in models.md
- Add v0.5.6 changelog entry

Test gap fixes (46 → 52 unit tests):
- Content-length deletion after body transform
- Synthetic stop returns valid SSE Response object
- Both max_tokens + max_completion_tokens present (max_tokens wins)
- Unknown model tools stripped (allowlist default)
- tool_choice without tools stripped for non-toolcall models
- max_completion_tokens preserved when max_tokens absent

E2E model validation (37 pass against live API):
- All 26 registered models probed: 21 available, 4 gated/broken, 1 preview
- Accept 200/400/403/500 for model availability (accounts vary)
- Handle preview models returning empty content (openai-gpt-5-*)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: anandgupta42 <anand@altimate.ai>

Author: 3 people

docs/docs/configure/models.md

@@ -79,6 +79,7 @@ Models are referenced as `provider/model-name`:
 | Ollama | `ollama/llama3.1` |
 | OpenRouter | `openrouter/anthropic/claude-sonnet-4-6` |
 | Copilot | `copilot/gpt-4o` |
+| Snowflake Cortex | `snowflake-cortex/claude-sonnet-4-6` |
 | Custom | `my-provider/my-model` |
 
 See [Providers](providers.md) for full provider configuration details.

docs/docs/configure/providers.md

@@ -176,6 +176,36 @@ Access 150+ models through a single API key.
 
 Uses your GitHub Copilot subscription. Authenticate with `altimate auth`.
 
+## Snowflake Cortex
+
+```json
+{
+  "provider": {
+    "snowflake-cortex": {}
+  },
+  "model": "snowflake-cortex/claude-sonnet-4-6"
+}
+```
+
+Authenticate with `altimate auth snowflake-cortex` using a Programmatic Access Token (PAT). Enter credentials as `account-identifier::pat-token`.
+
+Create a PAT in Snowsight: **Admin > Security > Programmatic Access Tokens**.
+
+Billing flows through your Snowflake credits — no per-token costs.
+
+**Available models:**
+
+| Model | Tool Calling |
+|-------|-------------|
+| `claude-sonnet-4-6`, `claude-opus-4-6`, `claude-sonnet-4-5`, `claude-opus-4-5`, `claude-haiku-4-5`, `claude-4-sonnet`, `claude-3-7-sonnet`, `claude-3-5-sonnet` | Yes |
+| `openai-gpt-4.1`, `openai-gpt-5`, `openai-gpt-5-mini`, `openai-gpt-5-nano`, `openai-gpt-5-chat` | Yes |
+| `llama4-maverick`, `snowflake-llama-3.3-70b`, `llama3.1-70b`, `llama3.1-405b`, `llama3.1-8b` | No |
+| `mistral-large`, `mistral-large2`, `mistral-7b` | No |
+| `deepseek-r1` | No |
+
+!!! note
+    Model availability depends on your Snowflake region. Enable cross-region inference with `ALTER ACCOUNT SET CORTEX_ENABLED_CROSS_REGION = 'ANY_REGION'` for full model access.
+
 ## Custom / OpenAI-Compatible
 
 Any OpenAI-compatible endpoint can be used as a provider:

docs/docs/reference/changelog.md

@@ -21,6 +21,16 @@ After upgrading, the TUI welcome banner shows what changed since your previous v
 
 ---
 
+## [0.5.6] - 2026-03-21
+
+### Added
+
+- Snowflake Cortex as a built-in AI provider with PAT authentication (#349)
+  - 26 models: Claude, OpenAI, Llama, Mistral, DeepSeek
+  - Tool calling support for Claude and OpenAI models
+  - Zero token cost — billing via Snowflake credits
+  - Cortex-specific request transforms (`max_completion_tokens`, tool stripping, synthetic stop)
+
 ## [0.5.0] - 2026-03-18
 
 ### Added

packages/opencode/src/altimate/plugin/snowflake.ts

@@ -0,0 +1,177 @@
+import type { Hooks, PluginInput } from "@opencode-ai/plugin"
+import { Auth, OAUTH_DUMMY_KEY } from "@/auth"
+
+// Only OpenAI and Claude models support tool calling on Snowflake Cortex.
+// All other models reject tools with "tool calling is not supported".
+const TOOLCALL_MODELS = new Set([
+  // Claude
+  "claude-sonnet-4-6", "claude-opus-4-6", "claude-sonnet-4-5", "claude-opus-4-5",
+  "claude-haiku-4-5", "claude-4-sonnet", "claude-4-opus", "claude-3-7-sonnet", "claude-3-5-sonnet",
+  // OpenAI
+  "openai-gpt-4.1", "openai-gpt-5", "openai-gpt-5-mini", "openai-gpt-5-nano",
+  "openai-gpt-5-chat", "openai-gpt-oss-120b", "openai-o4-mini",
+])
+
+/** Snowflake account identifiers contain only alphanumeric, hyphen, underscore, and dot characters. */
+export const VALID_ACCOUNT_RE = /^[a-zA-Z0-9._-]+$/
+
+/** Parse a `account::token` PAT credential string. */
+export function parseSnowflakePAT(code: string): { account: string; token: string } | null {
+  const sep = code.indexOf("::")
+  if (sep === -1) return null
+  const account = code.substring(0, sep).trim()
+  const token = code.substring(sep + 2).trim()
+  if (!account || !token) return null
+  if (!VALID_ACCOUNT_RE.test(account)) return null
+  return { account, token }
+}
+
+/**
+ * Transform a Snowflake Cortex request body string.
+ * Returns a Response to short-circuit the fetch (synthetic stop), or undefined to continue normally.
+ */
+export function transformSnowflakeBody(bodyText: string): { body: string; syntheticStop?: Response } {
+  const parsed = JSON.parse(bodyText)
+
+  // Snowflake uses max_completion_tokens instead of max_tokens
+  if ("max_tokens" in parsed) {
+    parsed.max_completion_tokens = parsed.max_tokens
+    delete parsed.max_tokens
+  }
+
+  // Strip tools for models that don't support tool calling on Snowflake Cortex.
+  // Also remove orphaned tool_calls from messages to avoid Snowflake API errors.
+  if (!TOOLCALL_MODELS.has(parsed.model)) {
+    delete parsed.tools
+    delete parsed.tool_choice
+    if (Array.isArray(parsed.messages)) {
+      for (const msg of parsed.messages) {
+        if (msg.tool_calls) delete msg.tool_calls
+      }
+      parsed.messages = parsed.messages.filter((msg: { role: string }) => msg.role !== "tool")
+    }
+  }
+
+  // Snowflake rejects requests where the last message is an assistant role.
+  // The AI SDK makes "continuation check" requests with the model's last response
+  // at the end. Stripping causes an infinite loop (same request → same response).
+  // Instead, short-circuit by returning a synthetic "stop" streaming response.
+  if (Array.isArray(parsed.messages)) {
+    const last = parsed.messages.at(-1)
+    if (parsed.stream !== false && last?.role === "assistant" && (!Array.isArray(last.tool_calls) || last.tool_calls.length === 0)) {
+      const encoder = new TextEncoder()
+      const chunks = [
+        `data: {"id":"sf-done","object":"chat.completion.chunk","choices":[{"delta":{"role":"assistant","content":""},"index":0,"finish_reason":null}]}\n\n`,
+        `data: {"id":"sf-done","object":"chat.completion.chunk","choices":[{"delta":{},"index":0,"finish_reason":"stop"}]}\n\n`,
+        `data: [DONE]\n\n`,
+      ]
+      const stream = new ReadableStream({
+        start(controller) {
+          for (const chunk of chunks) controller.enqueue(encoder.encode(chunk))
+          controller.close()
+        },
+      })
+      return {
+        body: JSON.stringify(parsed),
+        syntheticStop: new Response(stream, {
+          status: 200,
+          headers: { "content-type": "text/event-stream", "cache-control": "no-cache" },
+        }),
+      }
+    }
+  }
+
+  return { body: JSON.stringify(parsed) }
+}
+
+export async function SnowflakeCortexAuthPlugin(_input: PluginInput): Promise<Hooks> {
+  return {
+    auth: {
+      provider: "snowflake-cortex",
+      async loader(getAuth, provider) {
+        const auth = await getAuth()
+        if (auth.type !== "oauth") return {}
+
+        // Zero costs (billed via Snowflake credits)
+        for (const model of Object.values(provider.models)) {
+          model.cost = { input: 0, output: 0, cache: { read: 0, write: 0 } }
+        }
+
+        return {
+          apiKey: OAUTH_DUMMY_KEY,
+          async fetch(requestInput: RequestInfo | URL, init?: RequestInit) {
+            const currentAuth = await getAuth()
+            if (currentAuth.type !== "oauth") return fetch(requestInput, init)
+
+            const headers = new Headers()
+            if (init?.headers) {
+              if (init.headers instanceof Headers) {
+                init.headers.forEach((value, key) => headers.set(key, value))
+              } else if (Array.isArray(init.headers)) {
+                for (const [key, value] of init.headers) {
+                  if (value !== undefined) headers.set(key, String(value))
+                }
+              } else {
+                for (const [key, value] of Object.entries(init.headers)) {
+                  if (value !== undefined) headers.set(key, String(value))
+                }
+              }
+            }
+
+            headers.set("authorization", `Bearer ${currentAuth.access}`)
+            headers.set("X-Snowflake-Authorization-Token-Type", "PROGRAMMATIC_ACCESS_TOKEN")
+
+            let body = init?.body
+            if (body) {
+              try {
+                let text: string
+                if (typeof body === "string") {
+                  text = body
+                } else if (body instanceof Uint8Array || body instanceof ArrayBuffer) {
+                  text = new TextDecoder().decode(body)
+                } else {
+                  // ReadableStream, Blob, FormData — pass through untransformed
+                  text = ""
+                }
+                if (text) {
+                  const result = transformSnowflakeBody(text)
+                  if (result.syntheticStop) return result.syntheticStop
+                  body = result.body
+                  headers.delete("content-length")
+                }
+              } catch {
+                // JSON parse error — pass original body through untransformed
+              }
+            }
+
+            return fetch(requestInput, { ...init, headers, body })
+          },
+        }
+      },
+      methods: [
+        {
+          label: "Snowflake PAT",
+          type: "oauth",
+          authorize: async () => ({
+            url: "https://app.snowflake.com",
+            instructions:
+              "Enter your credentials as: <account-identifier>::<PAT-token>\n  e.g. myorg-myaccount::pat-token-here\n  Create a PAT in Snowsight: Admin → Security → Programmatic Access Tokens",
+            method: "code" as const,
+            callback: async (code: string) => {
+              const parsed = parseSnowflakePAT(code)
+              if (!parsed) return { type: "failed" as const }
+              return {
+                type: "success" as const,
+                access: parsed.token,
+                refresh: "",
+                // PATs have variable TTLs (default 90 days); use conservative expiry
+                expires: Date.now() + 90 * 24 * 60 * 60 * 1000,
+                accountId: parsed.account,
+              }
+            },
+          }),
+        },
+      ],
+    },
+  }
+}

packages/opencode/src/plugin/index.ts

@@ -12,6 +12,9 @@ import { Session } from "../session"
 import { NamedError } from "@opencode-ai/util/error"
 import { CopilotAuthPlugin } from "./copilot"
 import { gitlabAuthPlugin as GitlabAuthPlugin } from "@gitlab/opencode-gitlab-auth"
+// altimate_change start — snowflake cortex plugin import
+import { SnowflakeCortexAuthPlugin } from "../altimate/plugin/snowflake"
+// altimate_change end
 
 export namespace Plugin {
   const log = Log.create({ service: "plugin" })
@@ -22,7 +25,9 @@ export namespace Plugin {
   // GitlabAuthPlugin uses a different version of @opencode-ai/plugin (from npm)
   // vs the workspace version, causing a type mismatch on internal HeyApiClient.
   // The types are structurally compatible at runtime.
-  const INTERNAL_PLUGINS: PluginInstance[] = [CodexAuthPlugin, CopilotAuthPlugin, GitlabAuthPlugin as unknown as PluginInstance]
+  // altimate_change start — snowflake cortex internal plugin
+  const INTERNAL_PLUGINS: PluginInstance[] = [CodexAuthPlugin, CopilotAuthPlugin, GitlabAuthPlugin as unknown as PluginInstance, SnowflakeCortexAuthPlugin]
+  // altimate_change end
 
   const state = Instance.state(async () => {
     const client = createOpencodeClient({

packages/opencode/src/provider/provider.ts

@@ -46,6 +46,9 @@ import { GoogleAuth } from "google-auth-library"
 import { ProviderTransform } from "./transform"
 import { Installation } from "../installation"
 import { ModelID, ProviderID } from "./schema"
+// altimate_change start — snowflake cortex account validation
+import { VALID_ACCOUNT_RE } from "../altimate/plugin/snowflake"
+// altimate_change end
 
 const DEFAULT_CHUNK_TIMEOUT = 120_000
 
@@ -670,6 +673,20 @@ export namespace Provider {
         },
       }
     },
+    // altimate_change start — snowflake cortex provider loader
+    "snowflake-cortex": async () => {
+      const auth = await Auth.get("snowflake-cortex")
+      if (auth?.type !== "oauth") return { autoload: false }
+      const account = auth.accountId ?? Env.get("SNOWFLAKE_ACCOUNT")
+      if (!account || !VALID_ACCOUNT_RE.test(account)) return { autoload: false }
+      return {
+        autoload: true,
+        options: {
+          baseURL: `https://${account}.snowflakecomputing.com/api/v2/cortex/v1`,
+        },
+      }
+    },
+    // altimate_change end
   }
 
   export const Model = z
@@ -879,6 +896,83 @@ export namespace Provider {
       }
     }
 
+    // altimate_change start — snowflake cortex provider models
+    function makeSnowflakeModel(
+      id: string,
+      name: string,
+      limits: { context: number; output: number },
+      caps?: { reasoning?: boolean; attachment?: boolean; toolcall?: boolean },
+    ): Model {
+      const m: Model = {
+        id: ModelID.make(id),
+        providerID: ProviderID.snowflakeCortex,
+        api: {
+          id,
+          url: "",
+          npm: "@ai-sdk/openai-compatible",
+        },
+        name,
+        capabilities: {
+          temperature: true,
+          reasoning: caps?.reasoning ?? false,
+          attachment: caps?.attachment ?? false,
+          toolcall: caps?.toolcall ?? true,
+          input: { text: true, audio: false, image: false, video: false, pdf: false },
+          output: { text: true, audio: false, image: false, video: false, pdf: false },
+          interleaved: false,
+        },
+        cost: { input: 0, output: 0, cache: { read: 0, write: 0 } },
+        limit: { context: limits.context, output: limits.output },
+        status: "active" as const,
+        options: {},
+        headers: {},
+        release_date: "2024-01-01",
+        variants: {},
+      }
+      m.variants = mapValues(ProviderTransform.variants(m), (v) => v)
+      return m
+    }
+
+    database["snowflake-cortex"] = {
+      id: ProviderID.snowflakeCortex,
+      source: "custom",
+      name: "Snowflake Cortex",
+      env: [],
+      options: {},
+      models: {
+        // Claude models — tool calling supported
+        "claude-sonnet-4-6": makeSnowflakeModel("claude-sonnet-4-6", "Claude Sonnet 4.6", { context: 200000, output: 64000 }),
+        "claude-opus-4-6": makeSnowflakeModel("claude-opus-4-6", "Claude Opus 4.6", { context: 200000, output: 32000 }),
+        "claude-sonnet-4-5": makeSnowflakeModel("claude-sonnet-4-5", "Claude Sonnet 4.5", { context: 200000, output: 64000 }),
+        "claude-opus-4-5": makeSnowflakeModel("claude-opus-4-5", "Claude Opus 4.5", { context: 200000, output: 32000 }),
+        "claude-haiku-4-5": makeSnowflakeModel("claude-haiku-4-5", "Claude Haiku 4.5", { context: 200000, output: 16000 }),
+        "claude-4-sonnet": makeSnowflakeModel("claude-4-sonnet", "Claude 4 Sonnet", { context: 200000, output: 64000 }),
+        // claude-4-opus: documented but gated (403 "account not allowed" on tested accounts)
+        "claude-3-7-sonnet": makeSnowflakeModel("claude-3-7-sonnet", "Claude 3.7 Sonnet", { context: 200000, output: 16000 }),
+        "claude-3-5-sonnet": makeSnowflakeModel("claude-3-5-sonnet", "Claude 3.5 Sonnet", { context: 200000, output: 8192 }),
+        // OpenAI models — tool calling supported
+        "openai-gpt-4.1": makeSnowflakeModel("openai-gpt-4.1", "OpenAI GPT-4.1", { context: 1047576, output: 32768 }),
+        "openai-gpt-5": makeSnowflakeModel("openai-gpt-5", "OpenAI GPT-5", { context: 1047576, output: 32768 }),
+        "openai-gpt-5-mini": makeSnowflakeModel("openai-gpt-5-mini", "OpenAI GPT-5 Mini", { context: 1047576, output: 32768 }),
+        "openai-gpt-5-nano": makeSnowflakeModel("openai-gpt-5-nano", "OpenAI GPT-5 Nano", { context: 1047576, output: 32768 }),
+        "openai-gpt-5-chat": makeSnowflakeModel("openai-gpt-5-chat", "OpenAI GPT-5 Chat", { context: 1047576, output: 32768 }),
+        // openai-gpt-oss-120b: documented but returns 500 (not yet stable)
+        // Meta Llama — no tool calling
+        "llama4-maverick": makeSnowflakeModel("llama4-maverick", "Llama 4 Maverick", { context: 1048576, output: 4096 }, { toolcall: false }),
+        "snowflake-llama-3.3-70b": makeSnowflakeModel("snowflake-llama-3.3-70b", "Snowflake Llama 3.3 70B", { context: 128000, output: 4096 }, { toolcall: false }),
+        "llama3.1-70b": makeSnowflakeModel("llama3.1-70b", "Llama 3.1 70B", { context: 128000, output: 4096 }, { toolcall: false }),
+        "llama3.1-405b": makeSnowflakeModel("llama3.1-405b", "Llama 3.1 405B", { context: 128000, output: 4096 }, { toolcall: false }),
+        "llama3.1-8b": makeSnowflakeModel("llama3.1-8b", "Llama 3.1 8B", { context: 128000, output: 4096 }, { toolcall: false }),
+        // Mistral — no tool calling
+        "mistral-large": makeSnowflakeModel("mistral-large", "Mistral Large", { context: 131000, output: 4096 }, { toolcall: false }),
+        "mistral-large2": makeSnowflakeModel("mistral-large2", "Mistral Large 2", { context: 131000, output: 4096 }, { toolcall: false }),
+        "mistral-7b": makeSnowflakeModel("mistral-7b", "Mistral 7B", { context: 32000, output: 4096 }, { toolcall: false }),
+        // DeepSeek — no tool calling
+        "deepseek-r1": makeSnowflakeModel("deepseek-r1", "DeepSeek R1", { context: 64000, output: 32000 }, { reasoning: true, toolcall: false }),
+      },
+    }
+    // altimate_change end
+
     function mergeProvider(providerID: ProviderID, provider: Partial<Info>) {
       const existing = providers[providerID]
       if (existing) {

packages/opencode/src/provider/schema.ts

@@ -23,6 +23,9 @@ export const ProviderID = providerIdSchema.pipe(
     azure: schema.makeUnsafe("azure"),
     openrouter: schema.makeUnsafe("openrouter"),
     mistral: schema.makeUnsafe("mistral"),
+    // altimate_change start — snowflake cortex provider ID
+    snowflakeCortex: schema.makeUnsafe("snowflake-cortex"),
+    // altimate_change end
   })),
 )