Attack Graph Paths

GET

api

attack-graph

paths

Attack Graph Paths

curl --request GET \
  --url http://localhost:8000/api/v1/attack-graph/paths

{
  "paths": [
    {
      "path_id": "<string>",
      "rule_id": "<string>",
      "severity": "<string>",
      "owasp_tag": "<string>",
      "title": "<string>",
      "description": "<string>",
      "agent_id": "<string>",
      "path_nodes": [
        "<string>"
      ],
      "path_edges": [
        "<string>"
      ],
      "risk_score": 123,
      "detected_at": "<string>"
    }
  ]
}

Returns detailed attack-path rows from the attack_paths table, ordered by risk_score descending. Unlike /risk/attack-paths, this endpoint exposes the raw node/edge lists and the rule metadata used to render the findings panel.

Response

paths

object[]

Array of path objects:

Show child attributes

path_id

string

Unique path identifier

rule_id

string

Rule identifier

severity

string

Critical, High, Medium, or Low

owasp_tag

string

OWASP ASI tag

title

string

Rule title

description

string

Description / explanation

agent_id

string

Primary agent involved

path_nodes

string[]

Node IDs along the path (agents, tool:*, ingress:*)

path_edges

string[]

Topology edge IDs traversed by the path

risk_score

float

Computed risk score

detected_at

string

ISO-8601 timestamp, or null

Attack Graph OverlayCompromised nodes and attack edges overlayed on the topology

Attack Graph Paths

curl --request GET \
  --url http://localhost:8000/api/v1/attack-graph/paths

{
  "paths": [
    {
      "path_id": "<string>",
      "rule_id": "<string>",
      "severity": "<string>",
      "owasp_tag": "<string>",
      "title": "<string>",
      "description": "<string>",
      "agent_id": "<string>",
      "path_nodes": [
        "<string>"
      ],
      "path_edges": [
        "<string>"
      ],
      "risk_score": 123,
      "detected_at": "<string>"
    }
  ]
}

​Response

Response