query-metrics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's mandatory workflow and scripts (e.g., scripts/metrics-spec calling OPTIONS /v1/query/_mpl and scripts/metrics-info calling /v1/query/metrics/info via the Axiom API at https://api.axiom.co or resolved edge URLs) fetch dataset metadata, tag values and a query specification from an external Axiom deployment — these are user-generated/untrusted metrics and spec content the agent is required to read and which directly influence query composition and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The scripts fetch the live MPL spec at runtime from the Axiom API (e.g., OPTIONS to https://api.axiom.co/v1/query/_mpl or resolved edge endpoints like https://us-east-1.aws.edge.axiom.co/v1/query/_mpl) via scripts/metrics-spec, and the skill mandates using that fetched spec to compose queries, so remote content directly controls the agent's instructions.