diff --git a/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll b/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll
index 2b9cd8379b2..092c25b0bf3 100644
--- a/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll
+++ b/java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll
@@ -165,7 +165,7 @@ abstract class EndpointCharacteristic extends string {
 // * Endpoints identified as "DomBasedXssSink" by the standard Java libraries are XSS sinks with maximal confidence.
 // */
 // private class DomBasedXssSinkCharacteristic extends EndpointCharacteristic {
-// DomBasedXssSinkCharacteristic() { this = "DomBasedXssSink" }
+// DomBasedXssSinkCharacteristic() { this = any(XssSinkType type).getDescription() }
 // override predicate appliesToEndpoint(DataFlow::Node n) { n instanceof DomBasedXss::Sink }
 // override predicate hasImplications(
 // EndpointType endpointClass, boolean isPositiveIndicator, float confidence
@@ -180,7 +180,7 @@ abstract class EndpointCharacteristic extends string {
 * confidence.
 */
 private class TaintedPathSinkCharacteristic extends EndpointCharacteristic {
- TaintedPathSinkCharacteristic() { this = "TaintedPathSink" }
+ TaintedPathSinkCharacteristic() { this = any(TaintedPathSinkType type).getDescription() }
 override predicate appliesToEndpoint(DataFlow::Node n) {
 n.asExpr() = any(PathCreation p).getAnInput()
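Review bot: The commented-out constructor `DomBasedXssSinkCharacteristic()` now names `XssSinkType`, but the class name and the doc line above it still say "DomBasedXssSink", and because the whole block is a comment nothing verifies that the type exists or that its description is the string the disabled block expects. The `NosqlInjectionSinkType` edit in the hunk at -220 has the same problem. A marker next to each line, for example `// TODO: confirm the endpoint type name before re-enabling this block`, would keep the disabled code from being restored with a stale reference. The class body continues outside the hunk.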
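Review bot: The constructor of `TaintedPathSinkCharacteristic` now takes its identifying string from `any(TaintedPathSinkType type).getDescription()`, so the class has no values if that type ever yields no description and several values if it yields more than one. Neither case is a compile error, and in the first one the known path-creation sinks would presumably just stop being labelled. The definition of `TaintedPathSinkType` is not visible in this hunk, so it should be confirmed there that it has exactly one description. A comment above the constructor would record the coupling, e.g. `// The name is TaintedPathSinkType's description, not a literal; the two must stay in step.` The class body continues outside the hunk.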
@@ -220,7 +220,7 @@ private class SqlInjectionSinkCharacteristic extends EndpointCharacteristic {
 // * maximal confidence.
 // */
 // private class NosqlInjectionSinkCharacteristic extends EndpointCharacteristic {
-// NosqlInjectionSinkCharacteristic() { this = "NosqlInjectionSink" }
+// NosqlInjectionSinkCharacteristic() { this = any(NosqlInjectionSinkType type).getDescription() }
 // override predicate appliesToEndpoint(DataFlow::Node n) { n instanceof NosqlInjection::Sink }
 // override predicate hasImplications(
 // EndpointType endpointClass, boolean isPositiveIndicator, float confidence
diff --git a/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql b/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql
index 0beca8fe6e9..73245a01522 100644
--- a/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql
+++ b/java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql
@@ -22,6 +22,7 @@ private import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPath
 // private import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm
 from DataFlow::PathNode sink, string message
 where
+ exists(AtmConfig::AtmConfig config | config.isSinkCandidateWithFlow(sink)) and
 // The message is the concatenation of all relevant configs
 message = concat(AtmConfig::AtmConfig config |