{"id":19556620,"url":"https://github.com/falcosecurity/plugins","last_synced_at":"2026-02-13T17:16:25.302Z","repository":{"id":37858500,"uuid":"408613173","full_name":"falcosecurity/plugins","owner":"falcosecurity","description":"Falco plugins registry","archived":false,"fork":false,"pushed_at":"2025-05-07T14:18:05.000Z","size":17297,"stargazers_count":94,"open_issues_count":16,"forks_count":88,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-05-07T14:29:49.582Z","etag":null,"topics":["falco","falco-plugins","plugin","registry"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/falcosecurity.png","metadata":{"files":{"readme":"README.md","changelog":"changelog-gen.sh","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2021-09-20T22:03:58.000Z","updated_at":"2025-05-07T14:13:55.000Z","dependencies_parsed_at":"2023-09-21T19:18:38.727Z","dependency_job_id":"fbecbdde-8d80-4bcc-966d-c46c41aee085","html_url":"https://github.com/falcosecurity/plugins","commit_stats":{"total_commits":588,"total_committers":45,"mean_commits":"13.066666666666666","dds":0.685374149659864,"last_synced_commit":"904f750adab96bb958e4647c1984bc98a240023a"},"previous_names":[],"tags_count":171,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fplugins","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fplugins/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fplugins/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/falcosecurity%2Fplugins/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/falcosecurity","download_url":"https://codeload.github.com/falcosecurity/plugins/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253387178,"owners_count":21900346,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["falco","falco-plugins","plugin","registry"],"created_at":"2024-11-11T04:38:33.560Z","updated_at":"2026-01-23T13:49:13.863Z","avatar_url":"https://github.com/falcosecurity.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Plugins\n\n[![Falco Core Repository](https://github.com/falcosecurity/evolution/blob/main/repos/badges/falco-core-blue.svg)](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#core-scope) [![Stable](https://img.shields.io/badge/status-stable-brightgreen?style=for-the-badge)](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#stable) [![License](https://img.shields.io/github/license/falcosecurity/rules?style=for-the-badge)](./LICENSE)\n\nThis repository is the central hub for the Falco Plugin ecosystem. It serves two main purposes:\n\n- **Be a registry:** A comprehensive catalog of plugins recognized by The Falco Project, regardless of where their source code is hosted.\n- **Monorepo for Falcosecurity plugins:** Official plugins hosted and maintained by The Falco Project, with robust release and distribution processes.\n\nFor more information about the plugin system’s architecture and concepts, please see the [official documentation](https://falco.org/docs/plugins).\n\n---\n\n## Plugin Registry\n\nThe registry contains metadata and information about every plugin known and recognized by the Falcosecurity organization. It lists plugins hosted either in this repository or in other repositories. These plugins are developed for Falco and made available to the community. \n\n\u003e Check out the [Registering a Plugin](./docs/registering-a-plugin.md) to know how to add your plugin to this registry.\n\n### Registered Plugins\n\nThe tables below list all the plugins currently registered. The tables are automatically generated from the [registry.yaml](./registry.yaml) file.\n\n\u003c!-- The text inside \\\u003c!-- REGISTRY:xxx --\\\u003e comments is auto-generated.\nThese comments and the text between them should not be edited by hand --\u003e\n\u003c!-- REGISTRY:TABLE --\u003e\n| Name | Capabilities | Description\n| --- | --- | --- |\n| plugin-id-zero-value | **Event Sourcing** \u003cbr/\u003eID: 0 \u003cbr/\u003e`` | This ID is reserved for particular purposes and cannot be registered. A plugin author should not use this ID unless specified by the documentation.  \u003cbr/\u003e\u003cbr/\u003e Authors: N/A \u003cbr/\u003e License: N/A |\n| test | **Event Sourcing** \u003cbr/\u003eID: 999 \u003cbr/\u003e`test` | This ID is reserved for source plugin development. Any plugin author can use this ID, but authors can expect events from other developers with this ID. After development is complete, the author should request an actual ID  \u003cbr/\u003e\u003cbr/\u003e Authors: N/A \u003cbr/\u003e License: N/A |\n| [k8saudit](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit) | **Event Sourcing** \u003cbr/\u003eID: 1 \u003cbr/\u003e`k8s_audit` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `k8s_audit` | Read Kubernetes Audit Events and monitor Kubernetes Clusters  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [cloudtrail](https://github.com/falcosecurity/plugins/tree/main/plugins/cloudtrail) | **Event Sourcing** \u003cbr/\u003eID: 2 \u003cbr/\u003e`aws_cloudtrail` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `aws_cloudtrail` | Reads Cloudtrail JSON logs from files/S3 and injects as events  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [json](https://github.com/falcosecurity/plugins/tree/main/plugins/json) | **Field Extraction** \u003cbr/\u003e *All Sources* | Extract values from any JSON payload  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [dummy](https://github.com/falcosecurity/plugins/tree/main/plugins/dummy) | **Event Sourcing** \u003cbr/\u003eID: 3 \u003cbr/\u003e`dummy` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `dummy` | Reference plugin used to document interface  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [dummy_c](https://github.com/falcosecurity/plugins/tree/main/plugins/dummy_c) | **Event Sourcing** \u003cbr/\u003eID: 4 \u003cbr/\u003e`dummy_c` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `dummy_c` | Like dummy, but written in C++  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [docker](https://github.com/Issif/docker-plugin) | **Event Sourcing** \u003cbr/\u003eID: 5 \u003cbr/\u003e`docker` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `docker` | Docker Events  \u003cbr/\u003e\u003cbr/\u003e Authors: [Thomas Labarussias](https://github.com/Issif) \u003cbr/\u003e License: Apache-2.0 |\n| [seccompagent](https://github.com/kinvolk/seccompagent) | **Event Sourcing** \u003cbr/\u003eID: 6 \u003cbr/\u003e`seccompagent` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `seccompagent` | Seccomp Agent Events  \u003cbr/\u003e\u003cbr/\u003e Authors: [Alban Crequy](https://github.com/kinvolk/seccompagent) \u003cbr/\u003e License: Apache-2.0 |\n| [okta](https://github.com/falcosecurity/plugins/tree/main/plugins/okta) | **Event Sourcing** \u003cbr/\u003eID: 7 \u003cbr/\u003e`okta` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `okta` | Okta Log Events  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [github](https://github.com/falcosecurity/plugins/tree/main/plugins/github) | **Event Sourcing** \u003cbr/\u003eID: 8 \u003cbr/\u003e`github` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `github` | Github Webhook Events  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [k8saudit-eks](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit-eks) | **Event Sourcing** \u003cbr/\u003eID: 9 \u003cbr/\u003e`k8s_audit` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `k8s_audit` | Read Kubernetes Audit Events from AWS EKS Clusters  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [nomad](https://github.com/albertollamaso/nomad-plugin/tree/main) | **Event Sourcing** \u003cbr/\u003eID: 10 \u003cbr/\u003e`nomad` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `nomad` | Read Hashicorp Nomad Events Stream  \u003cbr/\u003e\u003cbr/\u003e Authors: [Alberto Llamas](https://github.com/albertollamaso/nomad-plugin/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [dnscollector](https://github.com/SysdigDan/dnscollector-falco-plugin) | **Event Sourcing** \u003cbr/\u003eID: 11 \u003cbr/\u003e`dnscollector` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `dnscollector` | DNS Collector Events  \u003cbr/\u003e\u003cbr/\u003e Authors: [Daniel Moloney](https://github.com/SysdigDan/dnscollector-falco-plugin/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [gcpaudit](https://github.com/falcosecurity/plugins/tree/main/plugins/gcpaudit) | **Event Sourcing** \u003cbr/\u003eID: 12 \u003cbr/\u003e`gcp_auditlog` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `gcp_auditlog` | Read GCP Audit Logs  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [syslogsrv](https://github.com/nabokihms/syslogsrv-falco-plugin/tree/main/plugins/syslogsrv) | **Event Sourcing** \u003cbr/\u003eID: 13 \u003cbr/\u003e`syslogsrv` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `syslogsrv` | Syslog Server Events  \u003cbr/\u003e\u003cbr/\u003e Authors: [Maksim Nabokikh](https://github.com/nabokihms/syslogsrv-falco-plugin/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [salesforce](https://github.com/an1245/falco-plugin-salesforce/) | **Event Sourcing** \u003cbr/\u003eID: 14 \u003cbr/\u003e`salesforce` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `salesforce` | Falco plugin providing basic runtime threat detection and auditing logging for Salesforce  \u003cbr/\u003e\u003cbr/\u003e Authors: [Andy](https://github.com/an1245/falco-plugin-salesforce/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [box](https://github.com/an1245/falco-plugin-box/) | **Event Sourcing** \u003cbr/\u003eID: 15 \u003cbr/\u003e`box` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `box` | Falco plugin providing basic runtime threat detection and auditing logging for Box  \u003cbr/\u003e\u003cbr/\u003e Authors: [Andy](https://github.com/an1245/falco-plugin-box/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [k8smeta](https://github.com/falcosecurity/plugins/tree/main/plugins/k8smeta) | **Field Extraction** \u003cbr/\u003e `syscall` | Enriche Falco syscall flow with Kubernetes Metadata  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [k8saudit-gke](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit-gke) | **Event Sourcing** \u003cbr/\u003eID: 16 \u003cbr/\u003e`k8s_audit` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `k8s_audit` | Read Kubernetes Audit Events from GKE Clusters  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [journald](https://github.com/gnosek/falco-journald-plugin) | **Event Sourcing** \u003cbr/\u003eID: 17 \u003cbr/\u003e`journal` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `journal` | Read Journald events into Falco  \u003cbr/\u003e\u003cbr/\u003e Authors: [Grzegorz Nosek](https://github.com/gnosek/falco-journald-plugin) \u003cbr/\u003e License: Apache-2.0 |\n| [kafka](https://github.com/falcosecurity/plugins/tree/main/plugins/kafka) | **Event Sourcing** \u003cbr/\u003eID: 18 \u003cbr/\u003e`kafka` | Read events from Kafka topics into Falco  \u003cbr/\u003e\u003cbr/\u003e Authors: [Hunter Madison](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [gitlab](https://github.com/an1245/falco-plugin-gitlab) | **Event Sourcing** \u003cbr/\u003eID: 19 \u003cbr/\u003e`gitlab` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `gitlab` | Falco plugin providing basic runtime threat detection and auditing logging for GitLab  \u003cbr/\u003e\u003cbr/\u003e Authors: [Andy](https://github.com/an1245/falco-plugin-gitlab/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [keycloak](https://github.com/mattiaforc/falco-keycloak-plugin) | **Event Sourcing** \u003cbr/\u003eID: 20 \u003cbr/\u003e`keycloak` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `keycloak` | Falco plugin for sourcing and extracting Keycloak user/admin events  \u003cbr/\u003e\u003cbr/\u003e Authors: [Mattia Forcellese](https://github.com/mattiaforc/falco-keycloak-plugin/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [k8saudit-aks](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit-aks) | **Event Sourcing** \u003cbr/\u003eID: 21 \u003cbr/\u003e`k8s_audit` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `k8s_audit` | Read Kubernetes Audit Events from Azure AKS Clusters  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [k8saudit-ovh](https://github.com/falcosecurity/plugins/tree/main/plugins/k8saudit-ovh) | **Event Sourcing** \u003cbr/\u003eID: 22 \u003cbr/\u003e`k8s_audit` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `k8s_audit` | Read Kubernetes Audit Events from OVHcloud MKS Clusters  \u003cbr/\u003e\u003cbr/\u003e Authors: [Aurélie Vache](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [dummy_rs](https://github.com/falcosecurity/plugins/tree/main/plugins/dummy_rs) | **Event Sourcing** \u003cbr/\u003eID: 23 \u003cbr/\u003e`dummy_rs` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `dummy_rs` | Like dummy, but written in Rust  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [container](https://github.com/falcosecurity/plugins/tree/main/plugins/container) | **Field Extraction** \u003cbr/\u003e `syscall` | Enriche Falco syscall flow with Container Metadata  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [krsi](https://github.com/falcosecurity/plugins/tree/main/plugins/krsi) | **Field Extraction** \u003cbr/\u003e `syscall` | Security (KRSI) events support for Falco  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [collector](https://github.com/falcosecurity/plugins/tree/main/plugins/collector) | **Event Sourcing** \u003cbr/\u003eID: 24 \u003cbr/\u003e`collector` | Generic collector to ingest raw payloads into Falco  \u003cbr/\u003e\u003cbr/\u003e Authors: [The Falco Authors](https://falco.org/community) \u003cbr/\u003e License: Apache-2.0 |\n| [awselb](https://github.com/yukinakanaka/falco-plugin-aws-elb) | **Event Sourcing** \u003cbr/\u003eID: 25 \u003cbr/\u003e`awselb` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `awselb` | AWS Elastic Load Balancer access logs events  \u003cbr/\u003e\u003cbr/\u003e Authors: [Yuki Nakamura](https://github.com/yukinakanaka/falco-plugin-aws-elb/issues) \u003cbr/\u003e License: Apache-2.0 |\n| [edera](https://github.com/edera-dev/falco_plugin/) | **Event Sourcing** \u003cbr/\u003eID: 26 \u003cbr/\u003e`edera_zone` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `edera_zone` | A Falco plugin for forwarding libscap events out of Edera zones.  \u003cbr/\u003e\u003cbr/\u003e Authors: [Edera](contact@edera.dev) \u003cbr/\u003e License: Apache-2.0 |\n| [nginx](https://github.com/takaosgb3/falco-plugin-nginx) | **Event Sourcing** \u003cbr/\u003eID: 27 \u003cbr/\u003e`nginx` \u003cbr/\u003e**Field Extraction** \u003cbr/\u003e `nginx` | Real-time nginx access log monitoring for security threats.\nDetects SQL injection, XSS, path traversal, command injection,\nbrute force attacks, and OWASP Top 10 vulnerabilities.\n  \u003cbr/\u003e\u003cbr/\u003e Authors: [takaosgb3](https://github.com/takaosgb3/falco-plugin-nginx/issues) \u003cbr/\u003e License: Apache-2.0 |\n\n\u003c!-- REGISTRY:TABLE --\u003e\n\n## Falcosecurity Plugins\n\nAlong with the registry, this repository hosts the official plugins maintained by the Falcosecurity organization. Each plugin is an independent project with its own directory in the [plugins folder](https://github.com/falcosecurity/plugins/tree/main/plugins).\n\nThe `main` branch reflects the latest development state, and plugins are released on a regular basis. Development builds are published automatically when a Pull Request is merged into `main`, while stable builds are released only when a new tag is created. You can find all published artifacts at [download.falco.org](https://download.falco.org/?prefix=plugins). For details on the release process, please see our [Release Process](./release.md).\n\nThe instructions below explain how to install and apply only to plugins from this repository.\n\n### Installing Plugins\n\nPlugins hosted in this repository are built and distributed through Falco's official channels. You can easily install them using either [falcoctl](https://github.com/falcosecurity/falcoctl) or the [Falco Helm chart](https://github.com/falcosecurity/charts/tree/master/charts/falco).\n\n#### Using falcoctl\n\n1. **Install falcoctl:** If you haven't already, follow the [falcoctl installation guide](https://github.com/falcosecurity/falcoctl?tab=readme-ov-file#installation).\n2. **Install a Plugin:** Execute the following command, replacing `\u003cplugin-name\u003e` with the name of the plugin you wish to install:\n   ```bash\n   falcoctl index update falcosecurity\n   falcoctl artifact install \u003cplugin-name\u003e\n   ```\n    \u003e Depending on your environment, you may need to run the above commands with `sudo`.\n3. Configure Falco to load the plugin as described in the [plugin's documentation](https://falco.org/docs/concepts/plugins/usage/#loading-plugins-in-falco).\n\n\n#### Using the Falco Helm Chart\n\nWhen installing Falco using the Helm chart, you can instruct the chart to install a specific plugin by setting the `falcoctl.config.artifact.install.refs` value and then adding the relevant plugin configuration under `falco`. \n\nThe Helm charts provides a preset [values-k8saudit.yaml](https://github.com/falcosecurity/charts/blob/master/charts/falco/values-k8saudit.yaml) file that can be used to install the `k8saudit` plugin or as example for installing other plugins.\n\n## Contributing\n\nIf you want to help and wish to contribute, please review our [contribution guidelines](https://github.com/falcosecurity/.github/blob/main/CONTRIBUTING.md). Code contributions are always encouraged and welcome!\n\nIf you wish to contribute a plugin to The Falco Project, simply open a Pull Request to add your plugin to the `/plugins` folder and [update the registry accordingly](./docs/registering-a-plugin.md). Note that to be hosted in this repository, plugins must be licensed under the [Apache 2.0 License](./LICENSE).\n\n### Enforcing coding style and repo policies locally\n\nThis repository supports enforcing coding style and policies locally through the `pre-commit` framework. `pre-commit`\nallows to automatically install `git-hooks` that will be executed at every new commit. The following is the list of\n`git-hooks` defined in `.pre-commit-config.yaml` (notice that some of them only target files written in a specific\nlanguage):\n1. the `rust-fmt` hook - a `pre-commit` git hook running `rust fmt` on the staged changes\n2. the `dco` hook - a `pre-commit-msg` git hook running adding the `DCO` on the commit if not present\n\nThe following steps describe how to install these hooks.\n\n##### Step 1\n\nInstall `pre-commit` framework following the [official documentation](https://pre-commit.com/#installation).\n\n\u003e __Please note__: you have to follow only the \"Installation\" section.\n\n#### Step 2\n\nInstall `pre-commit` git hooks:\n```bash\npre-commit install --hook-type pre-commit --hook-type prepare-commit-msg  --overwrite\n```\n\n## License\n\nThis project is licensed to you under the [Apache 2.0 Open Source License](./LICENSE).\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffalcosecurity%2Fplugins","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffalcosecurity%2Fplugins","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffalcosecurity%2Fplugins/lists"}