Comparison
mcp-trust-plane vs kubeshark
Verdict
Pick mcp-trust-plane when mcp-trust-plane is primarily JavaScript; kubeshark is Go; pick kubeshark when kubeshark is primarily Go; mcp-trust-plane is JavaScript.
Markdown twin · mcp-trust-plane alternatives · kubeshark alternatives
GraphCanon updated today
vs
Trust & integrity
| Signal | mcp-trust-plane | kubeshark |
|---|---|---|
| Maintenance | Active (25d since push) As of today · github_public_v1 | Very active (5d since push) As of 4d · github_public_v1 |
| Provenance | Not a fork · Organization account As of today · github_public_v1 | Not a fork · Organization account As of 4d · github_public_v1 |
| OSV dependency advisories | No lockfile (source not queried) As of today · osv@v1 | No lockfile (source not queried) As of 4d · osv@v1 |
| deps.dev advisories | Not queried deps.dev@v1 | Not queried deps.dev@v1 |
| OpenSSF Scorecard | Not queried openssf-scorecard@v1 | Not queried openssf-scorecard@v1 |
Tagline
- mcp-trust-plane
- Pluggable security framework for MCP traffic
- kubeshark
- eBPF-powered network observability for Kubernetes. Indexes L4/L7 traffic with full K8s context, decrypts TLS without keys. Queryable by AI agents via MCP and humans via dashboard.
Stars
- mcp-trust-plane
- 59
- kubeshark
- 12k
Forks
- mcp-trust-plane
- 14
- kubeshark
- 543
Open issues
- mcp-trust-plane
- 0
- kubeshark
- 146
Language
- mcp-trust-plane
- JavaScript
- kubeshark
- Go
Adopt for
- mcp-trust-plane
- MCP Trust Plane is designed for organizations that need to enforce security policies on MCP traffic without modifying core components of the protocol stack.
- kubeshark
- -
Persona
- mcp-trust-plane
- -
- kubeshark
- -
Runtime
- mcp-trust-plane
- -
- kubeshark
- -
License
- mcp-trust-plane
- Apache-2.0
- kubeshark
- Apache-2.0
Last pushed
- mcp-trust-plane
- Jun 19, 2026
- kubeshark
- Jul 6, 2026
Categories
- mcp-trust-plane
- AI Agents, Evaluation & Observability
- kubeshark
- AI Agents, Developer Tools, Evaluation & Observability
Trust and health
Maintenance
- mcp-trust-plane
- Active (82%)
- kubeshark
- Very active (96%)
Days since push
- mcp-trust-plane
- 25d
- kubeshark
- 5d
Open issues (now)
- mcp-trust-plane
- 0
- kubeshark
- 146
Full report
- mcp-trust-plane
- Trust report
- kubeshark
- Trust report
Choose mcp-trust-plane if…
- mcp-trust-plane is primarily JavaScript; kubeshark is Go.
- Pricing: MCP Trust Plane is open-source under Apache 2.0, making it available at no cost but provides flexibility to extend commercially through proprietary filter implementations..
- Requirements: Min 1 GB RAM.
- Tags unique to mcp-trust-plane: access-control, ai-agents, data-governance-and-ai, data-security.
- mcp-trust-plane ships Docker support for self-hosted deployment.
- MCP Trust Plane should be used when you require granular control over tool calls in your MCP-enabled systems, such as enforcing PII redaction or operation blocking.
When NOT to use mcp-trust-plane
- Avoid MCP Trust Plane if your security needs do not require modification of traffic post-response, as it introduces an additional layer of complexity and latency.
- MCP Trust Plane may not be the best choice for environments that strictly enforce language-specific policies since its filters are written in any language and must comply with a strict contract.
Choose kubeshark if…
- kubeshark is primarily Go; mcp-trust-plane is JavaScript.
- Tags unique to kubeshark: cloud-native, devops, docker, ebpf.
- Also covers Developer Tools.
When NOT to use kubeshark
- AI Agents: Don't use an agent loop when a deterministic workflow would do; agents add latency, cost, and non-determinism.
- Developer Tools: A gateway is overkill when you're pinned to a single provider and model.
- Evaluation & Observability: Defer heavyweight eval infra only until you have real traffic - never skip it once users depend on answers.
Explore
Sources
Every stat on this page traces to a dated GitHub sync, license file, enrichment field, or trust scan.
- GitHub stars (abluva-research/mcp-trust-plane) · observed Jul 15, 2026
- GitHub forks (abluva-research/mcp-trust-plane) · observed Jul 15, 2026
- Last push (abluva-research/mcp-trust-plane) · observed Jun 19, 2026
- License file (Apache-2.0) · observed Jul 15, 2026
- Decision facts (enrichment) · observed Jul 15, 2026
- Trust scan (lockfile / OSV) · observed Jul 15, 2026
- GitHub stars (kubeshark/kubeshark) · observed Jul 11, 2026
- GitHub forks (kubeshark/kubeshark) · observed Jul 11, 2026
- Last push (kubeshark/kubeshark) · observed Jul 6, 2026
- License file (Apache-2.0) · observed Jul 11, 2026
- Trust scan (lockfile / OSV) · observed Jul 11, 2026
GitHub stars on cards: mcp-trust-plane 59 · kubeshark 12k (synced Jul 15, 2026).
Common questions
- What is the difference between mcp-trust-plane and kubeshark?
- mcp-trust-plane: Pluggable security framework for MCP traffic. kubeshark: eBPF-powered network observability for Kubernetes. Indexes L4/L7 traffic with full K8s context, decrypts TLS without keys. Queryable by AI agents via MCP and humans via dashboard.. See the comparison table for live GitHub stats and shared categories.
- When should I choose mcp-trust-plane over kubeshark?
- Choose mcp-trust-plane over kubeshark when mcp-trust-plane is primarily JavaScript; kubeshark is Go; Pricing: MCP Trust Plane is open-source under Apache 2.0, making it available at no cost but provides flexibility to extend commercially through proprietary filter implementations.; Requirements: Min 1 GB RAM; Tags unique to mcp-trust-plane: access-control, ai-agents, data-governance-and-ai, data-security; mcp-trust-plane ships Docker support for self-hosted deployment; MCP Trust Plane should be used when you require granular control over tool calls in your MCP-enabled systems, such as enforcing PII redaction or operation blocking.
- When should I choose kubeshark over mcp-trust-plane?
- Choose kubeshark over mcp-trust-plane when kubeshark is primarily Go; mcp-trust-plane is JavaScript; Tags unique to kubeshark: cloud-native, devops, docker, ebpf; Also covers Developer Tools.
- When should I avoid mcp-trust-plane?
- Avoid MCP Trust Plane if your security needs do not require modification of traffic post-response, as it introduces an additional layer of complexity and latency. MCP Trust Plane may not be the best choice for environments that strictly enforce language-specific policies since its filters are written in any language and must comply with a strict contract.
- When should I avoid kubeshark?
- AI Agents: Don't use an agent loop when a deterministic workflow would do; agents add latency, cost, and non-determinism. Developer Tools: A gateway is overkill when you're pinned to a single provider and model. Evaluation & Observability: Defer heavyweight eval infra only until you have real traffic - never skip it once users depend on answers.
- Is mcp-trust-plane or kubeshark more popular on GitHub?
- kubeshark has more GitHub stars (11,994 vs 59). Stars measure visibility, not whether either tool fits your constraints.
- Are mcp-trust-plane and kubeshark open source?
- Yes - both are open-source projects on GitHub (mcp-trust-plane: Apache-2.0, kubeshark: Apache-2.0).
- Where can I find alternatives to mcp-trust-plane or kubeshark?
- GraphCanon lists graph-backed alternatives at mcp-trust-plane alternatives and kubeshark alternatives (mcp-trust-plane markdown twin, kubeshark markdown twin), ranked by typed relationship edges rather than popularity votes.
- Is there a machine-readable version of this comparison?
- Yes. The markdown twin at this comparison mirrors this page for agents and LLM crawlers, with the same stats table and FAQ answers.
- Which is better maintained, mcp-trust-plane or kubeshark?
- mcp-trust-plane: Active. kubeshark: Very active. Compare maintenance labels, days since push, and release cadence in the trust section below - stars alone do not measure maintenance.
- Where are the full trust reports for mcp-trust-plane and kubeshark?
- GraphCanon publishes per-repo trust reports with dated maintenance, provenance, and scan summaries: mcp-trust-plane trust report; kubeshark trust report.