OpenAI announced on March 9, 2026 that it is acquiring Promptfoo, the open-source AI security testing platform. The deal folds Promptfoo’s red-team, eval, and vulnerability-detection tooling into OpenAI Frontier, the enterprise platform for building and operating AI coworkers.
About Promptfoo:
- Founded 2024 by Ian Webster and Michael D’Angelo
- Open-source security testing framework for LLM applications
- Adopted by 25%+ of Fortune 500 companies
- Specializes in prompt injection detection, jailbreak evaluation, data-leak testing, tool-misuse detection, and out-of-policy agent behavior detection
Deal structure:
- Full team joins OpenAI
- Terms not disclosed
- Promptfoo stays open source under current license (notable; many acquisitions close source post-acquisition)
- Existing customers continue to be serviced
Why OpenAI bought Promptfoo:
Agentic AI security is now the binding constraint on enterprise adoption. A ChatGPT or Claude agent that executes code, accesses files, and calls APIs presents a significantly larger attack surface than a pure chat LLM. Prompt injections can exfiltrate data, jailbreaks can make agents take unauthorized actions, and tool misuse can cascade into production incidents.
OpenAI’s April 16 Agents SDK update shipped native sandbox execution as a core security primitive. Promptfoo adds the evaluation layer on top: a harness for red-teaming agents before they reach production.
The acquisition spree:
Promptfoo is OpenAI’s sixth acquisition of 2026 through April, matching the full-year total for 2025. Recent buys:
- Promptfoo (March 9): AI security
- Astral (March 19): open-source Python tools (Ruff, uv)
- Hiro Finance (April 14): personal finance
- Plus three more disclosed earlier
The pattern: OpenAI is aggressively buying developer-facing infrastructure layers. Astral’s acquisition gave it control of two of the most-used Python tooling projects. Promptfoo adds the dominant open-source LLM security testing framework.
For the category: standalone AI security testing startups (Lakera, Prompt Armor, Lasso Security) now compete with an OpenAI-integrated Promptfoo as the default option. Differentiation pressure rises.
Sources
- OpenAI: OpenAI to acquire Promptfoo
- CNBC: OpenAI to buy cybersecurity startup Promptfoo
- Promptfoo: joining OpenAI
- Crunchbase: OpenAI 2026 acquisitions data