{"id":46219263,"url":"https://github.com/capiscio/capiscio-core","last_synced_at":"2026-05-13T20:02:03.329Z","repository":{"id":325172863,"uuid":"1099185911","full_name":"capiscio/capiscio-core","owner":"capiscio","description":"The Identity Authority and Trust Gateway for the AI Agent economy. Issues and verifies cryptographic TrustBadges to secure cross-cloud Agent-to-Agent (A2A) communication.","archived":false,"fork":false,"pushed_at":"2026-05-06T15:30:07.000Z","size":23041,"stargazers_count":2,"open_issues_count":4,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-06T17:25:24.507Z","etag":null,"topics":["a2a-protocol","agent-to-agent","ai-security","autonomous-agents","infrastructure"],"latest_commit_sha":null,"homepage":"https://capisc.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/capiscio.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-11-18T17:17:05.000Z","updated_at":"2026-05-02T18:14:08.000Z","dependencies_parsed_at":"2026-03-16T22:02:21.431Z","dependency_job_id":null,"html_url":"https://github.com/capiscio/capiscio-core","commit_stats":null,"previous_names":["capiscio/capiscio-core"],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/capiscio/capiscio-core","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capiscio%2Fcapiscio-core","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capiscio%2Fcapiscio-core/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capiscio%2Fcapiscio-core/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capiscio%2Fcapiscio-core/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/capiscio","download_url":"https://codeload.github.com/capiscio/capiscio-core/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capiscio%2Fcapiscio-core/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32997729,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-13T13:14:54.681Z","status":"ssl_error","status_checked_at":"2026-05-13T13:14:51.610Z","response_time":115,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["a2a-protocol","agent-to-agent","ai-security","autonomous-agents","infrastructure"],"created_at":"2026-03-03T11:38:34.932Z","updated_at":"2026-05-13T20:02:03.323Z","avatar_url":"https://github.com/capiscio.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CapiscIO Core: The Authority Layer\n\n[![Go Reference](https://pkg.go.dev/badge/github.com/capiscio/capiscio-core.svg)](https://pkg.go.dev/github.com/capiscio/capiscio-core)\n[![CI](https://github.com/capiscio/capiscio-core/actions/workflows/ci.yml/badge.svg)](https://github.com/capiscio/capiscio-core/actions/workflows/ci.yml)\n[![Go Report Card](https://goreportcard.com/badge/github.com/capiscio/capiscio-core)](https://goreportcard.com/report/github.com/capiscio/capiscio-core)\n[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/capiscio/capiscio-core?sort=semver)](https://github.com/capiscio/capiscio-core/releases)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n\n**CapiscIO Core** is the **Universal Authority Layer** for AI Agents. It provides the infrastructure to Issue, Verify, and Enforce **Trust Badges** (Identity) for any agent, regardless of protocol (REST, MCP, A2A, etc.).\n\nWhile it serves as the reference implementation for the **Agent-to-Agent (A2A) Protocol**, its primary mission is to secure the broader agent ecosystem.\n\n\u003e **v2.6.0 Release**: Full implementation of **RFC-002 Trust Badge Specification** and **RFC-003 Key Ownership Proof (PoP)** with did:web/did:key DIDs, Trust Levels, gRPC SDK integration, and enhanced verification.\n\n## Why CapiscIO?\n\nBuilding authentication for AI Agents is hard. OAuth is complex, API keys are insecure, and building a custom registry is a distraction.\n\n**CapiscIO Core** acts as a **Security Sidecar**. It sits in front of your agent, verifies incoming requests against a trusted registry, and forwards only authenticated traffic.\n\n```text\n[Client] --(Badge)--\u003e [CapiscIO Gateway] --(Identity)--\u003e [Your Agent]\n |\n (Verify Sig)\n |\n [Registry]\n```\n\n## Key Features\n\n* **Trust Badges (RFC-002)**: Issue and Verify VC-aligned JWS tokens with did:web/did:key DIDs and Trust Levels (0-4: SS/REG/DV/OV/EV).\n* **Proof of Possession (RFC-003)**: Challenge-response protocol for cryptographic key ownership proof with IAL-1 assurance.\n* **gRPC SDK Integration**: Native gRPC server for Python, Node.js, and other language SDKs with 7 specialized services (auto-started by SDKs via process manager).\n* **Gateway Sidecar**: A high-performance Reverse Proxy that enforces identity before traffic reaches your Agent.\n* **Registry Interface**: Pluggable trust anchors supporting **Local Mode** (Air-gapped/Dev), **Offline Mode** (Trust Store), and **Cloud Mode** (Enterprise).\n* **Go-Native**: Built for speed and concurrency, deployable as a single static binary.\n\n## โšก Quick Start (The \"Minimal Stack\")\n\n### 1. Installation\n\n```bash\ngo install github.com/capiscio/capiscio-core/v2/cmd/capiscio@latest\n```\n\n### 2. Issue a Trust Badge (Identity)\n\n**Self-Signed (Development)**\n```bash\n# Level 1 (Domain Validated) - default\ncapiscio badge issue --self-sign --domain example.com\n\n# Level 2 (Organization Validated)\ncapiscio badge issue --self-sign --level 2 --domain mycompany.com\n\n# With audience restriction\ncapiscio badge issue --self-sign --aud \"https://api.example.com\"\n```\n\n**With Persistent Key (Production)**\n```bash\n# 1. Generate a Key Pair\ncapiscio key gen --out-priv private.jwk --out-pub public.jwk\n\n# 2. Issue a Badge using the Private Key\ncapiscio badge issue --key private.jwk --sub \"did:web:registry.capisc.io:agents:prod\"\n```\n\n**Automated Renewal (Daemon)**\n```bash\ncapiscio badge keep \\\n --key private.jwk \\\n --sub \"did:web:registry.capisc.io:agents:prod\" \\\n --out badge.jwt \\\n --exp 5m \\\n --renew-before 1m\n```\n\n### 3. Verify a Badge\n\n```bash\n# Online verification (fetches CA key from issuer)\ncapiscio badge verify \"$TOKEN\"\n\n# Offline verification (uses local trust store)\ncapiscio badge verify \"$TOKEN\" --offline\n\n# With audience check\ncapiscio badge verify \"$TOKEN\" --audience \"https://api.example.com\"\n```\n\n### 4. Manage Trust Store (Offline Mode)\n\n```bash\n# Add CA keys from JWKS endpoint\ncapiscio trust add --from-jwks https://registry.capisc.io/.well-known/jwks.json\n\n# List trusted keys\ncapiscio trust list\n\n# Remove a key\ncapiscio trust remove \u003ckid\u003e\n```\n\n### 5. Start the Gateway (Enforcement)\n\n```bash\ncapiscio gateway start \\\n --port 8080 \\\n --target http://localhost:3000 \\\n --local-key public-key.json\n```\n\n### 6. Make a Request\n\n```bash\n# This will succeed (200 OK)\ncurl -H \"X-Capiscio-Badge: $(cat badge.jwt)\" http://localhost:8080/api/v1/agent\n\n# This will fail (401 Unauthorized)\ncurl http://localhost:8080/api/v1/agent\n```\n\n## ๐Ÿณ Docker\n\nThe **CapiscIO Guard** is available as a Docker image for easy deployment:\n\n```bash\ndocker pull capiscio/guard\n```\n\n### Quick Start with Docker\n\n```bash\n# Run the gateway in front of your agent\ndocker run -p 8080:8080 capiscio/guard \\\n gateway start \\\n --port 8080 \\\n --target http://host.docker.internal:3000 \\\n --registry-url https://registry.capisc.io\n```\n\n### Docker Compose\n\n```yaml\nservices:\n guard:\n image: capiscio/guard:latest\n ports:\n - \"8080:8080\"\n command:\n - gateway\n - start\n - --port=8080\n - --target=http://agent:3000\n - --registry-url=https://registry.capisc.io\n depends_on:\n - agent\n \n agent:\n image: your-agent:latest\n # Your agent runs on internal port 3000\n```\n\n### Available Tags\n\n| Tag | Description |\n|-----|-------------|\n| `latest` | Latest stable release |\n| `vX.Y.Z` | Specific version (e.g., `v2.3.0`) |\n| `vX.Y` | Latest patch for minor version |\n| `vX` | Latest for major version |\n\n### Building Locally\n\n```bash\n# Clone and build\ngit clone https://github.com/capiscio/capiscio-core.git\ncd capiscio-core\nmake docker-build\n\n# Test locally\nmake docker-run TARGET=http://localhost:3000\n```\n\n### 7. gRPC Server (SDK Integration)\n\nThe gRPC server provides programmatic access to all CapiscIO functionality for SDKs in Python, Node.js, and other languages. The SDKs automatically manage the gRPC server process.\n\n```python\n# Python SDK auto-starts the gRPC server\nfrom capiscio_sdk._rpc.client import CapiscioRPCClient\ntoken = '\u003cYOUR_BADGE_TOKEN_HERE\u003e' # Replace with your actual badge token\nwith CapiscioRPCClient() as client: # Auto-starts gRPC server\n valid, claims, warnings, err = client.badge.verify_badge_with_options(\n token,\n accept_self_signed=True # SDK flag for development\n )\n print(f'Valid: {valid}, Subject: {claims[\"sub\"]}')\n```\n\n**Available Services** (7 total):\n- `BadgeService` - Sign, verify, parse, request badges; start badge keeper\n- `DIDService` - Parse did:web identifiers\n- `TrustStoreService` - Add trusted CA keys\n- `RevocationService` - Check revocation status\n- `ScoringService` - Score agent cards, validate rules\n- `SimpleGuardService` - Sign/verify payloads with JWS\n- `RegistryService` - Fetch agent cards\n\n## ๐Ÿ” Trust Levels (RFC-002)\n\nTrust Badges include a **Trust Level** claim that indicates the verification depth:\n\n| Level | Name | Verification | DID Method |\n|-------|------|--------------|------------|\n| 0 | SS (Self-Signed) | No external validation | `did:key` |\n| 1 | REG (Registered) | DID verified by registry | `did:web` |\n| 2 | DV (Domain Validated) | Domain ownership proven | `did:web` |\n| 3 | OV (Organization Validated) | Organization identity verified | `did:web` |\n| 4 | EV (Extended Validation) | Extended identity verification | `did:web` |\n\n```bash\n# Issue Level 0 (Self-Signed) - for development only\ncapiscio badge issue --self-sign\n# Note: --self-sign issues a Level 0 badge using local keys\n\n# Issue Level 2 (OV) - requires CA key\ncapiscio badge issue --key ca-private.jwk --level 2 --domain example.com\n\n# Verify with local key\ncapiscio badge verify \"$TOKEN\" --key ca-public.jwk\n\n# Verify offline (uses trust store)\ncapiscio badge verify \"$TOKEN\" --offline\n```\n\n\u003e โš ๏ธ **Production Warning**: Self-signed badges should only be used for development/testing. Production deployments should use CA-issued badges with proper trust chains.\n\n## ๐ŸŒ DID:Web Integration\n\nBadges use **did:web** DIDs for agent identity:\n\n```\ndid:web:registry.capisc.io:agents:my-agent-123\n```\n\nThe `pkg/did` package provides utilities for parsing and constructing DIDs:\n\n```go\nimport \"github.com/capiscio/capiscio-core/v2/pkg/did\"\n\n// Parse a DID\nd, err := did.Parse(\"did:web:registry.capisc.io:agents:my-agent\")\n\n// Get the DID Document URL\nurl := d.DocumentURL() // https://registry.capisc.io/agents/my-agent/did.json\n\n// Create a new agent DID\nagentDID := did.NewCapiscIOAgentDID(\"my-agent-123\")\n```\n\n## ๐ŸŒ Universal Compatibility\n\nWhile `capiscio-core` is the reference implementation for the **A2A Protocol**, the **Authority Layer** is designed to be **Protocol Agnostic**.\n\n* **Any Agent**: The Gateway works with any HTTP-based agent (REST, GraphQL, MCP, etc.).\n* **Any Identity**: The Trust Badge is a standard JWT/VC that can wrap any DID.\n* **Any Transport**: Badges are passed via standard HTTP headers (`Authorization` or `X-Capiscio-Badge`).\n\nYou can use the **Gateway** to secure *any* AI Agent, even if it doesn't fully implement the A2A Agent Card specification.\n\n## ๐Ÿ—๏ธ Architecture\n\n### The Authority Layer\n* **Trust Badge**: A standard JWS containing Identity (`sub`), Trust Level, and Capabilities (`vc`).\n* **Gateway**: A reverse proxy that enforces badge validity before forwarding traffic.\n* **Registry**: The source of truth for public keys (Local, Trust Store, or Cloud).\n* **Trust Store**: Local storage for CA keys enabling offline verification.\n* **Revocation Cache**: Local cache for revocation lists (5-minute staleness per RFC-002).\n\n### The Validation Engine (Foundation)\nCapiscIO Core retains its original capabilities as a robust validator for the A2A Protocol:\n* **Agent Card Validation**: Deep schema validation for `agent-card.json` files.\n* **Scoring Engine**: Calculates \"Trust Scores\" based on compliance, identity proof, and availability.\n* **Protocol Clients**: Built-in JSON-RPC and HTTP clients for testing Agent availability.\n\n## ๐Ÿ“š Library Usage\n\n### 1. Authority Layer (Gatekeeper)\n\n```go\nimport (\n \"github.com/capiscio/capiscio-core/v2/pkg/badge\"\n \"github.com/capiscio/capiscio-core/v2/pkg/registry\"\n)\n\nfunc main() {\n // 1. Setup Registry\n reg := registry.NewLocalRegistry(\"./keys/public.jwk\")\n \n // 2. Create Verifier\n verifier := badge.NewVerifier(reg)\n \n // 3. Verify a Token (simple)\n claims, err := verifier.Verify(context.Background(), tokenString)\n if err != nil {\n log.Fatal(\"Invalid badge\")\n }\n \n fmt.Printf(\"Authenticated Agent: %s\\n\", claims.Subject)\n}\n```\n\n### 2. Advanced Verification (RFC-002)\n\n```go\nimport (\n \"github.com/capiscio/capiscio-core/v2/pkg/badge\"\n)\n\nfunc main() {\n verifier := badge.NewVerifier(reg)\n \n // Verify with options\n result, err := verifier.VerifyWithOptions(ctx, tokenString, badge.VerifyOptions{\n Mode: badge.VerifyModeOffline, // Use trust store\n TrustedIssuers: []string{\"https://registry.capisc.io\"},\n Audience: \"https://api.example.com\",\n })\n if err != nil {\n var badgeErr *badge.BadgeError\n if errors.As(err, \u0026badgeErr) {\n fmt.Printf(\"Badge error: %s (code: %s)\\n\", badgeErr.Message, badgeErr.Code)\n }\n }\n \n fmt.Printf(\"Trust Level: %s\\n\", result.Claims.TrustLevel())\n}\n```\n\n### 3. Validation Engine (Compliance)\n\n```go\nimport (\n \"github.com/capiscio/capiscio-core/v2/pkg/agentcard\"\n \"github.com/capiscio/capiscio-core/v2/pkg/scoring\"\n)\n\nfunc main() {\n engine := scoring.NewEngine(nil)\n card := \u0026agentcard.AgentCard{...}\n\n result, err := engine.Validate(context.Background(), card, true)\n if err != nil {\n panic(err)\n }\n\n fmt.Printf(\"Compliance Score: %.2f\\n\", result.TrustScore)\n}\n```\n\n## ๐Ÿ“ฆ Packages\n\n| Package | Description |\n|---------|-------------|\n| `pkg/badge` | Trust Badge issuance, verification, and error handling |\n| `pkg/did` | did:web parsing and construction |\n| `pkg/trust` | Local trust store for CA keys |\n| `pkg/revocation` | Revocation list caching |\n| `pkg/registry` | Registry interface (Local, Cloud) |\n| `pkg/gateway` | HTTP Gateway middleware |\n| `pkg/agentcard` | Agent Card schema and validation |\n| `pkg/scoring` | Trust scoring engine |\n| `pkg/crypto` | JWKS fetching and key utilities |\n\n## CLI Reference\n\n### `badge issue`\nIssue a new Trust Badge.\n\n```bash\ncapiscio badge issue --self-sign --level 2 --domain example.com\n```\n\n**Flags:**\n* `--self-sign`: Self-sign for development (explicit flag required).\n* `--level`: Trust level: 1 (DV), 2 (OV), or 3 (EV). Default: 1.\n* `--domain`: Agent domain. Default: example.com.\n* `--sub`: Subject DID (did:web format).\n* `--aud`: Audience (comma-separated URLs).\n* `--exp`: Expiration duration. Default: 5m (per RFC-002).\n* `--key`: Path to private key file (JWK).\n* `--iss`: Issuer URL.\n\n### `badge verify`\nVerify a Trust Badge.\n\n```bash\ncapiscio badge verify \"$TOKEN\" --offline\n```\n\n**Flags:**\n* `--offline`: Offline mode (uses trust store).\n* `--key`: Path to public key file (JWK).\n* `--trusted-issuers`: Comma-separated list of trusted issuer URLs.\n* `--audience`: Verifier's identity for audience validation.\n* `--skip-revocation`: Skip revocation check (testing only).\n* `--skip-agent-status`: Skip agent status check (testing only).\n\n### `badge keep`\nRun a daemon to keep a badge automatically renewed.\n\n```bash\ncapiscio badge keep --key private.jwk --sub \"did:web:registry.capisc.io:agents:my-agent\" --out badge.jwt --exp 5m --renew-before 1m\n```\n\n**Flags:**\n* `--key`: Path to private key file (JWK).\n* `--sub`: Subject DID.\n* `--out`: Output file path for the badge.\n* `--exp`: Badge expiration duration. Default: 5m.\n* `--renew-before`: Renew this duration before expiration. Default: 1m.\n* `--ca-url`: CA URL for requesting new badges (optional).\n\n### `gateway start`\nStart the CapiscIO Gateway reverse proxy.\n\n```bash\ncapiscio gateway start --port 8080 --target http://localhost:3000 --local-key public.jwk\n```\n\n**Flags:**\n* `--port`: Gateway listen port. Default: 8080.\n* `--target`: Backend agent URL.\n* `--local-key`: Path to local public key file (for local mode).\n* `--registry-url`: Registry URL (for cloud mode).\n\n### `rpc`\nStart the gRPC server for SDK integration.\n\n```bash\ncapiscio rpc\ncapiscio rpc --socket /tmp/capiscio.sock\ncapiscio rpc --address localhost:50051\n```\n\n**Flags:**\n* `--socket`: Unix socket path (default: ~/.capiscio/rpc.sock).\n* `--address`: TCP address to listen on (e.g., localhost:50051).\n\n### `key gen`\nGenerate a new cryptographic key pair.\n\n```bash\ncapiscio key gen --out-priv private.jwk --out-pub public.jwk\n```\n\n**Flags:**\n* `--out-priv`: Output path for private key (JWK format). Default: private.jwk.\n* `--out-pub`: Output path for public key (JWK format). Default: public.jwk.\n\n### `trust`\nManage the local trust store.\n\n```bash\ncapiscio trust add --from-jwks https://registry.capisc.io/.well-known/jwks.json\ncapiscio trust list\ncapiscio trust remove \u003ckid\u003e\n```\n\n### `validate`\nValidates an Agent Card file or URL.\n\n```bash\ncapiscio validate ./agent-card.json\n```\n\n**Flags:**\n* `--json`: Output results as JSON.\n* `--strict`: Enable strict validation mode (fails on warnings).\n* `--test-live`: Perform live availability checks.\n* `--skip-signature`: Skip JWS signature verification.\n* `--schema-only`: Validate schema only, skip endpoint testing.\n* `--errors-only`: Show only errors and warnings.\n* `--timeout`: Request timeout (default 10s).\n\n## Development\n\n### Prerequisites\n- Go 1.25+\n\n### Testing\n```bash\ngo test ./pkg/...\n```\n\n### Building\n```bash\ngo build ./cmd/capiscio\n```\n\n### Working with capiscio-server\n\nIf you're developing `capiscio-core` alongside `capiscio-server`, use Go workspaces:\n\n```bash\n# In capiscio-server directory, create go.work (gitignored)\ncd ../capiscio-server\ncat \u003e go.work \u003c\u003c 'EOF'\ngo 1.25.9\n\nuse .\nuse ../capiscio-core\nEOF\n```\n\nThis allows `capiscio-server` to use your local `capiscio-core` changes without publishing.\n\n### Publishing a Release\n\nWhen your changes are ready for `capiscio-server` CI/CD:\n\n```bash\n# 1. Commit your changes\ngit add -A \u0026\u0026 git commit -m \"feat: your changes\"\n\n# 2. Tag with semantic version\ngit tag v2.2.4\n\n# 3. Push commit and tag\ngit push origin main v2.2.4\n\n# 4. Update capiscio-server to use the new version\ncd ../capiscio-server\ngo get github.com/capiscio/capiscio-core/v2@v2.2.4\n```\n\n**Version Guidelines:**\n- Patch (`v2.2.x`): Bug fixes, internal refactors\n- Minor (`v2.x.0`): New features, backward-compatible API additions\n- Major (`vX.0.0`): Breaking API changes (requires updating import path)\n\n## Related Packages\n\n| Package | What it does | Install |\n|---------|-------------|---------|\n| [Agent Guard](https://github.com/capiscio/capiscio-sdk-python) | Runtime trust verification for A2A agents (Python) | `pip install capiscio-sdk` |\n| [MCP Guard](https://github.com/capiscio/capiscio-mcp-python) | Trust enforcement for MCP tool servers (Python) | `pip install capiscio-mcp` |\n| [CapiscIO CLI](https://github.com/capiscio/capiscio-python) | Python wrapper for this binary | `pip install capiscio` |\n\n[Documentation](https://docs.capisc.io) ยท [Website](https://capisc.io) ยท [Platform](https://app.capisc.io)\n\n## License\n\nLicensed under the Apache License, Version 2.0. See [LICENSE](LICENSE) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcapiscio%2Fcapiscio-core","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcapiscio%2Fcapiscio-core","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcapiscio%2Fcapiscio-core/lists"}