It doesn’t actually require that second part. Every time I’ve used it in a production system, we had an approved list of query shapes that were accepted. If the client wanted to use a new kind of query, it was performance tested and sometimes needed to be optimized before approval for use.

If you open it up for any possible query, then give that to uncontrolled clients, it’s a recipe for disaster.

No.

It's a way to transmit a program from client to server. It then executes that program on the server side.