\nAI security is one of the most pressing challenges facing the world today. Artificial intelligence is extraordinarily powerful, and, especially considering the advent of Agentic AI, growing more so by the day. But it is for this reason that securing it is so important. AI handles massive amounts of data and plays an increasingly important role in operations; should cybercriminals abuse it, the consequences can be dire. <\/p>\n
In this blog, we\u2019ll explore some of the most common and pressing threats to AI, frameworks designed to help secure it, and the intrinsic link between AI and API security. Think of it as your guide to AI security. So, let\u2019s dive in. <\/p>\n
## OWASP Top 10 for LLMs<\/p>\n
The OWASP Top 10 for Large Language Models (LLMs) is a specialized framework developed by the Open Worldwide Application Security Project (OWASP) to address the unique security challenges posed by LLMs and GenAI tools. <\/p>\n
First released in November 2024, the framework aims to help organizations identify vulnerabilities, implement mitigations, and ensure secure LLM development. Here\u2019s the full top 10.<\/p>\n
### Prompt Injection<\/p>\n
Prompt injection is when malicious actors inject malicious inputs, like “Ignore previous instructions,” into LLMs to manipulate model behavior. When these injected prompts trick the LLM into using external tools, the consequences can be severe, including Server-Side Request Forgery (SSRF), allowing them to access internal systems, or allowing attackers to exfiltrate sensitive data. <\/p>\n
We\u2019ve seen real-world examples of this type of threat. In December 2024, for example, The Guardian reported that OpenAI\u2019s ChatGPT search tool was vulnerable to prompt injection attacks, allowing hidden webpage content to manipulate its responses. Testing showed that invisible text could override negative reviews with artificially positive assessments, potentially misleading users.<\/p>\n
### Insecure Output Handling<\/p>\n
This vulnerability arises out of the assumption that AI-generated content is inherently safe. When an LLM returns raw HTML or JavaScript code directly into a web application, it opens the door to Cross-Site Scripting (XSS). <\/p>\n
Imagine a malicious script, disguised as harmless text, being injected into a webpage. When a user visits that page, their browser unknowingly executes this script, potentially leading to account takeover, data theft, or defacement of the website. It\u2019s a stark reminder that without proper sanitization, seemingly innocent LLM outputs can be dangerous. <\/p>\n
### Training Data Poisoning<\/p>\n
Training data poisoning is a subtle but dangerous attack where attackers tamper with the data used to train an AI model. For example, an attacker might inject malicious data into GitHub commits that are then used to fine-tune a code recommendation model. The result would be that, instead of outputting secure and helpful code, the compromised model could start recommending wallet scams or backdoored libraries. <\/p>\n
### Model Supply Chain Vulnerabilities<\/p>\n
Sometimes, LLMs come with hidden threats, akin to software supply chain attacks, where malicious code is embedded within model files. For example, a model hosted on Hugging Face was found to contain a malicious payload that established a reverse shell to a remote server, effectively granting attackers complete control over the victim\u2019s machine. <\/p>\n
### Permission Misconfigurations<\/p>\n
Overly broad permissions are a serious AI security threat. Imagine if an AI agent inherits administrator-level access to sensitive Human Resources or Finance APIs, even a rudimentary, seemingly harmless prompt like \u201cshow me employee salaries\u201d could be all it takes for a malicious actor to exfiltrate highly confidential payroll data.<\/p>\n
### Overreliance on LLM Output<\/p>\n
This is a simple one: when human operators rely too much on LLMs, they are at risk of taking potentially hallucinatory outputs as gospel, leading to compliance issues. <\/p>\n
### Excessive Agency<\/p>\n
Because of their autonomous capabilities, agents like AutoGPT need robust safeguards, especially when they are configured with the power to delete files or modify critical infrastructure. <\/p>\n
### Plugin Abuse & Escalation<\/p>\n
By exploiting an LLM\u2019s plugin access, attackers can craft prompts that trick the model into extracting sensitive secrets or issuing arbitrary, unauthorized commands to backend systems. It\u2019s essentially common command injection disguised as natural dialogue. <\/p>\n
### Insecure Plugin Design<\/p>\n
Insecurely designed plugins, riddled with vulnerabilities like absent or inadequate authentication and authorization controls, act as open doorways to backend infrastructure. Without proper safeguards, these flawed plugins can be exploited to gain unauthorized access to critical systems and the sensitive data they hold. <\/p>\n
### Model DoS<\/p>\n
As with so many systems, LLMs are susceptible to Denial of Service (DoS) attacks. Maliciously crafted inputs, such as recursive prompt loops that endlessly consume computational resources or the deliberate flooding of the model with massive token inputs, can effectively starve the system of compute power. <\/p>\n
## Agentic AI: A (Very) High-Level Overview<\/p>\n
At this point, we haven\u2019t really discussed Agentic AI. When you plug LLMs into tools, give them memory, or let them use APIs, they become agents. This changes the security landscape dramatically. Imagine a receipts-processing agent. It accepts PDFs, queries policies from a vector DB, validates claims, and then routes approvals via API. What happens when the PDF prompt manipulates the agent to mark fraudulent expenses as urgent and valid? No human catches it. That\u2019s agentic power misused. <\/p>\n
Here\u2019s a visual walkthrough of how a typical agentic AI system flows \u2014 and where attackers strike: <\/p>\n
<\/p>\n
Common threats in agentic workflows often include: <\/p>\n
### Tool Misuse<\/p>\n
When agents are given access to tools \u2013 for example, shell access, APIs controlling critical systems, or automation platforms \u2013 weak safeguards or misaligned objectives can result in misuse. This misuse can include deleting essential files, modifying configurations, issuing unintended financial transactions, or launching network scans, and often results from inadequate validation, ambiguous instructions, or errors in reasoning and goal translation. <\/p>\n
### Intent Manipulation<\/p>\n
Attackers may craft prompts or input sequences that exploit weaknesses in an agent\u2019s goal-tracking or alignment mechanisms. This manipulation can subtly or overtly shift the agent\u2019s intent away from its original task. For example, an attacker might embed misleading or adversarial instructions in a prompt that cause an assistant to exfiltrate sensitive data, sabotage another task, or elevate its permissions without authorization.<\/p>\n
### Privilege Compromise<\/p>\n
If an agent is provisioned with API tokens or access credentials that grant excessive privileges beyond what is necessary for its current task, a compromise in the agent\u2019s logic or external manipulation could allow abuse. This could include accessing user data it shouldn\u2019t see, modifying infrastructure, or impersonating other services. <\/p>\n
### Agent-to-Agent Communication Poisoning<\/p>\n
In systems where multiple agents interact, such as decentralized AI agents collaborating on a workflow, an attacker could inject false or manipulated data into the communication stream. If not validated, this misinformation can cascade, causing agents to make poor decisions, fail tasks, or propagate errors throughout the system. <\/p>\n
## Securing Agentic AI: The MAESTRO Framework<\/p>\n
So, now we understand some of the threats, we can look at how to secure Agentic AI. The MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome) framework is a threat modelling approach, designed by the Cloud Security Alliance, to address the security challenges posed by Agentic AI systems, so that would probably be a good start. <\/p>\n
MAESTRO came into existence when CSA realized that traditional threat modelling frameworks like STRIDE, PASTA, and LINDDUN were not capable of handling the dynamic and autonomous nature of Agentic AI. These frameworks fall short of addressing AI-specific vulnerabilities such as adversarial attacks, data poisoning, and the complexities arising from multi-agent systems. <\/p>\n
### The Seven Layers of MAESTRO <\/p>\n
MAESTRO\u2019s structure centers around a seven-layer reference architecture, each representing a critical component of Agentic AI systems. Here\u2019s a table outlining them all, along with the risks and real threats they represent. <\/p>\n
**Layer **| **Risk**| **Real Threat**
—|—|—
**Foundation**| Model poisoning| Malicious training data leads the model to recommend scam URLs or produce harmful outputs.
**Data Operations**| Embedding drift| Outdated or manipulated vector embeddings cause the system to approve irrelevant or harmful content.
**Agent Frameworks**| Plugin abuse| An agent exploits a plugin to access unauthorized files, such as reading confidential secrets.
**Deployment and Infrastructure**| Secrets in logs| API keys or sensitive data are inadvertently logged and exposed through cloud monitoring tools.
**Evaluation and Observability**| Log tampering| An agent deletes or alters logs to hide evidence of fraudulent or malicious actions.
**Security and Compliance**| Guardrail bypass| The agent circumvents established approval policies, executing actions without proper authorization.
**Agent Ecosystem**| Rogue agent| A compromised agent influences or infects other agents, leading to a cascade of malicious behaviors. <\/p>\n
MAESTRO has been effectively applied in various contexts to enhance the security of Agentic AI systems. For example, using MAESTRO, security analysts identified potential risks associated with API interactions, ensuring robust protection against misuse. <\/p>\n
## How Wallarm API Security Can Help <\/p>\n
As we\u2019ve seen, Agentic AI introduces new attack surfaces – and many of them converge at the API layer. APIs are the nervous system of agentic workflows: They enable tool use, connect LLMs to databases and apps, and automate actions. But that power also makes them prime targets. The MAESTRO helps us think about this systematically. Each of its layers reveals how AI and API security are tightly interlinked. <\/p>\n
* **Foundation** : Poisoned models may call APIs in unsafe ways or under false pretenses, producing fraudulent or harmful outputs.
* **Data Operations** : Embedding drift might cause agents to approve or deny API requests based on stale or manipulated representations.
* **Agent Frameworks** : Plugins often function as wrappers for APIs – if an agent abuses plugin access, it\u2019s essentially performing unauthorized API calls.
* **Infrastructure** : Logging secrets or API tokens exposes backend services to attackers \u2014 a direct API security issue.
* **Evaluation** : If an agent tampers with logs, API abuse may go undetected, undermining audit trails and response.
* **Compliance** : When agents bypass approval policies and trigger unauthorized APIs, compliance risks escalate.
* **Ecosystem** : Rogue agents can hijack APIs across environments, spreading attacks via lateral movement.<\/p>\n
So, how does Wallarm fit in? Wallarm offers a multi-faceted approach to securing AI-driven environments: <\/p>\n
* **Prevent Injection Attacks and Data Leakage:** Wallarm detects and blocks prompt injection attempts, preventing unauthorized access and potential breaches.
* **Safeguard Critical Enterprise Systems:** Wallarm restricts AI agents to approved APIs and monitors their interactions to protect enterprise systems from misuse and unauthorized access.
* **Control Operational Costs:** By monitoring API usage in real time, Wallarm helps detect and mitigate abusive behaviors that could lead to unexpected costs.
* **Ensure Secure and Compliant Operations:** Wallarm offers tools to enforce compliance policies, monitor sensitive data flows, and maintain the integrity of AI operations. <\/p>\n
Want to find out more about how Wallarm protects Agentic AI? Click here.<\/p>\n
The post Mapping the Future of AI Security appeared first on Wallarm.\n<\/p><\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Mapping the Future of AI Security Update ID WALLARMLAB:F0A7734A6A40F113E8958BD6EE3CB824 Type wallarmlab Published 2025-05-22T06:30:33 Last Updated 2025-05-22T06:30:33 Security Impact CVSS…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,13,33,7,11,5,105],"class_list":["post-5606","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability","tag-wallarmlab"],"yoast_head":"\n
Mapping the Future of AI Security - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=5606\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mapping the Future of AI Security - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Mapping the Future of AI Security Update ID WALLARMLAB:F0A7734A6A40F113E8958BD6EE3CB824 Type wallarmlab Published 2025-05-22T06:30:33 Last Updated 2025-05-22T06:30:33 Security Impact CVSS...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=5606\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-22T03:37:04+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Mapping the Future of AI Security\",\"datePublished\":\"2025-05-22T03:37:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606\"},\"wordCount\":1826,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\",\"wallarmlab\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5606#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606\",\"name\":\"Mapping the Future of AI Security - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-22T03:37:04+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5606\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5606#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mapping the Future of AI Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mapping the Future of AI Security - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=5606","og_locale":"en_US","og_type":"article","og_title":"Mapping the Future of AI Security - zero redgem","og_description":"Security Update News Update Information Title Mapping the Future of AI Security Update ID WALLARMLAB:F0A7734A6A40F113E8958BD6EE3CB824 Type wallarmlab Published 2025-05-22T06:30:33 Last Updated 2025-05-22T06:30:33 Security Impact CVSS...","og_url":"https:\/\/zero.redgem.net\/?p=5606","og_site_name":"zero redgem","article_published_time":"2025-05-22T03:37:04+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=5606#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=5606"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Mapping the Future of AI Security","datePublished":"2025-05-22T03:37:04+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=5606"},"wordCount":1826,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","news","NONE","Security","tapic","Vulnerability","wallarmlab"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=5606#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=5606","url":"https:\/\/zero.redgem.net\/?p=5606","name":"Mapping the Future of AI Security - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-22T03:37:04+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=5606#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=5606"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=5606#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Mapping the Future of AI Security"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5606"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5606\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}