Knowledge Graph & Citations
Two complementary endpoints: a knowledge graph that maps relationships between all entities in the taxonomy, and a citation index with pre-formatted citation strings.
Authentication: None required
CORS: Access-Control-Allow-Origin: *
Cache: public, max-age=3600 (1 hour)
Knowledge Graph
The graph endpoint provides all nodes and typed edges in the TopAIThreats taxonomy. It enables relationship-aware queries across domains, patterns, incidents, and glossary terms.
Node Types
| Type | ID Format | Key Fields |
|---|---|---|
domain | domain:DOM-INF | domain_code, title, definition, url, framework_mapping |
sub_category | sub:DOM-INF-slug | pattern_code, title, severity, likelihood, url |
incident | incident:INC-24-0001 | title, status, severity, date_occurred, regions, sectors |
glossary_term | glossary:term-slug | term, definition, url, same_as |
Every node includes a degree field indicating the total number of edges (inbound + outbound) connected to it.
Edge Types
| Relationship | Direction | Meaning |
|---|---|---|
has_pattern | Domain → Pattern | Domain contains this threat pattern |
belongs_to | Pattern → Domain | Inverse of has_pattern |
primary_pattern | Incident → Pattern | Primary threat classification |
secondary_pattern | Incident → Pattern | Secondary threat classification |
references_term | Incident|Pattern → Glossary | References a glossary term |
explains | Glossary → Pattern | Term explains this pattern |
related_pattern | Pattern → Pattern | Cross-domain relationship |
related_term | Glossary → Glossary | Semantic relationship |
Meta & Diagnostics
The _meta object includes aggregate statistics (stats) and a warnings array flagging coverage gaps (e.g. patterns with no documented incidents, glossary terms with no cross-references).
Example (Graph)
{
"_meta": {
"name": "TopAIThreats.com Knowledge Graph",
"graph_version": "2.0",
"schema_version": "2.0",
"generated": "2026-02-26T00:00:00.000Z",
"stats": {
"domains": 8,
"sub_categories": 42,
"incidents": 56,
"glossary_terms": 140,
"total_nodes": 246,
"total_edges": 512
},
"edge_types": [ ... ],
"warnings": [
"Coverage gap: Pattern X has no documented incidents"
]
},
"nodes": [
{
"id": "domain:DOM-INF",
"type": "domain",
"domain_code": "DOM-INF",
"title": "Information Integrity",
"degree": 12,
...
}
],
"edges": [
{
"source": "domain:DOM-INF",
"target": "sub:DOM-INF-deepfake-identity-hijacking",
"relationship": "has_pattern"
}
]
}Citation Index
The citation endpoint provides pre-formatted citation strings for all citable entities: incidents, domains, and glossary terms. Each entry includes a stable identifier, canonical URL, and a ready-to-use citation string.
Entity Categories
| Category | cite_id Format | Fields |
|---|---|---|
incidents | INC-24-0001 | title, url, date_occurred, last_updated, severity, evidence_level, citation |
domains | DOM-INF | title, url, definition, citation |
glossary | glossary:term-slug | title, url, definition, same_as, citation |
Example (Citations)
{
"_meta": {
"name": "TopAIThreats.com Citation Index",
"version": "1.0",
"generated": "2026-02-26T00:00:00.000Z",
"total_entities": 204,
"license": "CC BY 4.0"
},
"incidents": [
{
"cite_id": "INC-24-0001",
"type": "incident",
"title": "Hong Kong Deepfake CFO Video Conference Fraud",
"url": "https://topaithreats.com/incidents/INC-24-0001-hong-kong-deepfake-cfo-fraud/",
"severity": "critical",
"citation": "TopAIThreats, \"Hong Kong Deepfake CFO Video Conference Fraud\" (INC-24-0001), https://topaithreats.com/incidents/INC-24-0001-hong-kong-deepfake-cfo-fraud/, last updated 2026-02-26."
}
],
"domains": [ ... ],
"glossary": [ ... ]
}Use Cases
- Graph visualisation — Build interactive network diagrams of the AI threat landscape using nodes and edges
- Relationship queries — Traverse edges to find which incidents relate to specific patterns, or which glossary terms explain particular threats
- Coverage analysis — Use the
warningsarray anddegreecounts to identify under-documented areas - Automated citation — Generate properly formatted references to TopAIThreats content in reports, papers, and briefings
- LLM grounding — Provide citation strings as context so language models can reference specific incidents with verifiable URLs