Security hardening: 7 fixes from security evaluation + integration tests#24

Merged: iamontheinet merged 1 commit into main from security/hardening-and-integration-tests on Apr 30, 2026

Conversation

@iamontheinet
Member

Summary

  • execute_cortex.py: Orphan process prevention in except block (terminate/kill ladder)
  • discover_cortex.py: shell=True changed to shell=False to prevent command injection
  • predict_tools.py: Fixed cache path mismatch — now reads from CacheManager instead of stale /tmp path
  • session_state.py: Added chmod 0600 after atomic writes for consistent file permissions
  • read_cortex_sessions.py: 10MB file size guard before readlines() to prevent memory exhaustion
  • config.yaml.example: DEPLOY envelope commented out with blast-radius warning
  • SKILL.md: Updated stale --dangerously-allow-all-tool-calls reference to accurate --permission-prompt-tool stdio
  • test_integration.py: New end-to-end integration test (13 assertions, 4 test functions) that exercises credential blocking, RO query flow, envelope enforcement, and process cleanup against live Cortex CLI
  • run-tests.sh: Added --integration flag to gate integration tests (CI stays green without Snowflake creds)
  • README.md: Added Testing section documenting both test tiers

Test plan

  • Structural tests pass (23/23)
  • Unit tests pass (34 envelope_policy + 42 plugin_units)
  • Integration tests pass locally (13/13 against live Snowflake)
  • CI test.yml passes (structural only, no --integration)

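The four code-level fixes listed in the summary, written out as an added Python example (this is not code from the PR; the helper names and the constructed sample data are my own): a terminate/kill ladder run from the except block so a failed call cannot leave an orphan, an argv list passed with shell=False, chmod 0600 applied after an atomic write, and a 10MB size guard checked before readlines().

```python
import os
import subprocess
import tempfile

MAX_SESSION_BYTES = 10 * 1024 * 1024  # 10MB guard before readlines()


def reap(proc, grace=2):
    """terminate -> kill ladder; returns the child's exit status."""
    if proc.poll() is None:          # still running: ask politely first
        proc.terminate()
        try:
            proc.wait(timeout=grace)
        except subprocess.TimeoutExpired:
            proc.kill()              # then force it
            proc.wait()
    return proc.returncode


def run_command(argv, timeout=30):
    """shell=False: argv is a list, never a string handed to a shell.
    On any failure, reap the child instead of leaving it orphaned."""
    proc = subprocess.Popen(argv, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    try:
        out, _ = proc.communicate(timeout=timeout)
        return proc.returncode, out
    except Exception:
        reap(proc)                   # ladder runs before the error propagates
        raise


def atomic_write_0600(path, data):
    """Temp file in the same directory, rename into place, then chmod 0600
    so the final mode does not depend on umask or the temp-file default."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise
    os.chmod(path, 0o600)


def read_session_lines(path, limit=MAX_SESSION_BYTES):
    """Refuse to readlines() a file larger than `limit` bytes."""
    size = os.path.getsize(path)
    if size > limit:
        raise ValueError(f"{path}: {size} bytes exceeds {limit}-byte guard")
    with open(path, encoding="utf-8") as fh:
        return fh.readlines()
```
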
@iamontheinet iamontheinet merged commit 8443c01 into main Apr 30, 2026
2 checks passed
@iamontheinet iamontheinet deleted the security/hardening-and-integration-tests branch May 10, 2026 20:47