Axiom MCP Server
MCP server for querying Axiom datasets using APL, listing datasets, retrieving saved queries, and monitoring.
Score Breakdown
Server Info
- Package
- axiom-mcp
- Registry
- go
- Repository
- axiomhq/axiom-mcp
- Maintainer
- Community
- Category
- Developer Tools
- Tags
- observabilitylogsanalytics
- Last Scanned
- 7 Apr 2026
Findings
7 issuesAuthentication & Identity
HIGHNo per-request auth - requires instance-per-user
Stdio-only transport. Axiom API token is required via AXIOM_TOKEN env var or -token flag or config file. Optional custom API URL via AXIOM_URL. Uses ff library for env/flag/config parsing with AXIOM_ prefix. Token is passed as Bearer header to Axiom API. For multi-tenant deployment, the platform must spawn a separate server instance per user.
Add HTTP/SSE transport to accept per-request Authorization headers, or implement the MCP OAuth spec.
Tool Schema Quality
MEDIUMOnly 0 of 6 schemas have parameter constraints
Most schemas lack maxLength, enum, or pattern constraints on string parameters.
Add constraints to string parameters, especially on write operations.
CRITICALDangerous execution surface: queryApl accepts arbitrary APL query strings that execute against the full Axiom dataset
Tool allows raw code/query execution which could be exploited via prompt injection.
Use parameterized queries or validated command sets.
LLM Safety
MEDIUM1 tool descriptions are too vague
Short or generic descriptions make tool selection unreliable.
Expand descriptions with specific actions, data types, and side effects.
HIGHTool descriptions contain instructional language
Descriptions include directives that could influence LLM behavior beyond tool selection.
Remove instructional language. Descriptions should be purely factual.
Data Exposure
MEDIUM3 list operations lack pagination
listDatasets, getSavedQueries (hardcoded limit=100), and getMonitors return full result sets without user-controllable pagination. queryApl has a system-level 65000 row limit but no user-facing pagination parameter. No field selection supported.
Add limit/offset or cursor-based pagination.
LOWNo field selection on responses
Responses return full records rather than projected fields.
Implement field selection to return only relevant fields.
Tools
6 total| Name | Description | Risk |
|---|---|---|
| queryApl | # Instructions 1. Query Axiom datasets using Axiom Processing Language (APL). The query must be a valid APL query string. 2. ALWAYS get the schema of the dataset before running queries rather than guessing. You can do this by getting a single event and projecting all fields. 3. Keep in mind that there's a maximum row limit of 65000 rows per query. 4. Prefer aggregations over non aggregating queries when possible to reduce the amount of data returned. 5. Be selective in what you project in each query (unless otherwise needed, like for discovering the schema). It's expensive to project all fields. 6. ALWAYS restrict the time range of the query to the smallest possible range that meets your needs. This will reduce the amount of data scanned and improve query performance. 7. NEVER guess the schema of the dataset. If you don't where something is, use search first to find in which fields it appears. # Examples [extensive APL examples...] | read |
| listDatasets | List all available Axiom datasets | read |
| getDatasetSchema | Get the schema of an Axiom dataset by fetching a single event. This is useful for understanding the structure of the data before writing a query. | read |
| getSavedQueries | Retrieve saved/starred queries from Axiom - shows APL queries that users have bookmarked for reuse | read |
| getMonitors | Retrieve monitors from Axiom | read |
| getMonitorsHistory | Get recent check history of monitors. Use getMonitors to list all available monitors first. | read |
Deploy Axiom MCP Server securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.
Deploy on CompleteFlow