Skip to main content
Tool Infrastructure freemium active 8-8.9
8.8/10 Strong
Active

Community free / Enterprise custom / On-Premise custom

Best plan

Use Community for local evals and small-team red teaming...

Risk: Red-team and vulnerability tests are only useful when...

Try promptfoo free

Editorial · no paid placements

Should you use it?

promptfoo is an open-source LLM eval and AI security testing platform. Pick it when red teaming, jailbreak tests, vulnerability scanning, guardrails, model security, MCP proxy risk, code scanning, and compliance evidence matter before launch. Compare Braintrust for eval operations, Portkey or Helicone for gateway control, and LangSmith for LangChain-native tracing.

  • Buy if Teams red-teaming LLM apps before launch
  • Pick Use Community for local evals and small-team red teaming, Enterprise when teams need managed cloud, collaboration, continuous monitoring, dashboards, SSO, API access, and support, and On-Premise when infrastructure control and data isolation are mandatory
  • Skip if Buyers who only need provider routing and cost logs

Plan guidance

What to buy

Best plan Use Community for local evals and small-team red teaming, Enterprise when teams need managed cloud, collaboration, continuous monitoring, dashboards, SSO, API access, and support, and On-Premise when infrastructure control and data isolation are mandatory

Watch: Red-team and vulnerability tests are only useful when...

Price range Community free / Enterprise custom / On-Premise custom

Free Forever

Upgrade only if Not for buyers who only need provider routing and cost logs

Red-team and vulnerability tests are only useful when...

Current pricing source: promptfoo pricing

Fit

Use it for this, skip it for that

Best for

  • Teams red-teaming LLM apps before launch
  • Developers who need local evals across models, prompts, and RAG pipelines
  • Security and compliance teams testing jailbreaks, data leakage, and unsafe behavior
  • Organizations that need managed cloud or on-prem deployment for AI security workflows

Avoid if

  • Buyers who only need provider routing and cost logs
  • Teams with no owner for remediation and false-positive review
  • Simple prototypes that do not yet have a real target app
  • Buyers who need a general workflow automation canvas
Watch out
Red-team and vulnerability tests are only useful when mapped to real target apps, owned remediation workflows, false-positive review, compliance evidence, and repeatable release gates.

Recent changes

Only what affects the decision

  1. Community

    Listed as open source for individual developers and small teams, with LLM evaluation features, integrations, 10k red-team probes/month, local or self-hosted use, vulnerability scanning, and...

    promptfoo pricing
  2. Enterprise

    Adds custom red-team limits, team sharing, continuous monitoring, centralized security/compliance dashboard, attack profiles, SSO, API access, managed cloud, professional services, priority...

    promptfoo pricing
  3. On-Premise

    Listed for teams that need full infrastructure control, all Enterprise features, deployment on owned infrastructure, data isolation, dedicated runner, and assigned deployment engineer

    promptfoo pricing

Alternatives

Best swaps

Build comparison
Proof and score math Verified Jun 28

Proof

Why this recommendation is trusted

Source
Registered source
Freshness
Current
Confidence
High confidence
Verified
Review
Volatility
Volatile

High-volatility evidence needs frequent review.

Editorial score

Unweighted average of 4 axes · confidence high

  • Utility 9/10

    How much real work it can do for a competent operator, end to end.

  • Value 9/10

    What you get for the dollar relative to the closest alternative.

  • Moat 8/10

    How hard it would be for a competitor to replicate the underlying advantage.

  • Longevity 9/10

    How likely the product is to still be best-in-class 24 months out.

Verified facts

  1. Best For Teams testing LLM applications for eval quality, red-team vulnerabilities, guardrail behavior, model security issues, MCP proxy risk, code scanning, and compliance workflows.
    high Drifts 2026-06-28 promptfoo pricing
  2. Pricing Anchor promptfoo pricing lists Community as Free Forever, Enterprise as Custom, and On-Premise as Custom.
    high Volatile 2026-06-28 promptfoo pricing
  3. Watch Out For Red-team and vulnerability tests are only useful when mapped to real target apps, owned remediation workflows, false-positive review, compliance evidence, and repeatable release gates.
    high Drifts 2026-06-28 promptfoo docs
  4. Open Source Or Local The promptfoo repository is MIT licensed, and the Community plan is positioned as a free open-source tool that can run locally or self-host on the buyer's own infrastructure.
    high Drifts 2026-06-28 promptfoo license
  5. Acquisition Status promptfoo says it is now part of OpenAI, while OpenAI announced on March 9, 2026 that it would acquire promptfoo subject to customary closing conditions.
    high Volatile 2026-06-28 OpenAI promptfoo acquisition announcement
Full review notes Long-form details, FAQ, and source history

promptfoo is an LLM evaluation and AI security testing platform. It is used for prompt and model evals, red teaming, vulnerability scanning, guardrail testing, model security, MCP proxy checks, code scanning, and continuous monitoring.

The important June 2026 context: promptfoo says it is now part of OpenAI, and OpenAI announced on March 9, 2026 that it would acquire promptfoo subject to customary closing conditions. The open-source project continues to matter because the Community path is still the entry point for local evals and small teams.

System Verdict

Pick promptfoo when failure testing is the job. It is strongest for teams that need local evals, red-team probes, jailbreak proxy review, and compliance-oriented reporting.

Skip it when routing is the main problem. Portkey or Helicone fit better when the buyer needs a live traffic gateway before model providers.

Best plan guidance: use Community for local evals and small-team testing. Use Enterprise when teams need collaboration, continuous monitoring, dashboards, SSO, API access, managed cloud, services, and support. Use On-Premise when data isolation and owned infrastructure are mandatory.

Key Facts

Core job, guardrails proxy, code scanning
CommunityFree Forever, open source, local or self-hosted
Community red teaming10k probes/month
EnterpriseCustom, with collaboration, monitoring, dashboards, SSO, API access, managed cloud, support
On-PremiseCustom, with owned-infrastructure deployment and data isolation
LicenseMIT license for the repository
Company statuspromptfoo says it is now part of OpenAI; OpenAI announced an acquisition agreement on March 9, 2026

When To Pick promptfoo

  • You need red-team coverage before launch. promptfoo is built for finding jailbreaks, unsafe outputs, data leakage, and app-specific vulnerabilities.
  • You need repeatable evals. Local and self-hosted evals help teams compare prompts, models, RAG outputs, and application behavior.
  • You need security workflows. Enterprise adds collaboration, continuous monitoring, centralized dashboards, attack profiles, SSO, API access, and support.
  • You are testing MCP exposure. MCP proxy and related security testing matter as agent tools become production surfaces.
  • You need open-source leverage. Community is the right starting point when a developer wants local runs before a managed or on-prem decision.

When To Pick Something Else

  • Eval operations and release workflow: Braintrust when datasets, experiments, human review, scores, and production monitoring are the main buying job.
  • Gateway and governance: Portkey when routing, keys, provider logs, guardrails, and policy enforcement need to sit in live traffic.
  • Open-source observability/gateway: Helicone when the team wants request logging, cost tracking, caching, failover, and gateway controls.
  • LangChain operations: LangSmith when LangGraph/LangChain traces and deployments need a first-party home.
  • App building: Dify or Flowise when the missing tool is a visual AI app builder, not a test harness.

Pricing

promptfoo pricing was checked on June 28, 2026 against the official pricing page.

PlanPriceIncluded shapeBuyer fit
CommunityFree ForeverOpen-source, local or self-hosted, all LLM eval features, model providers, integrations, 10k red-team probes/month, vulnerability scanningDevelopers, small teams, local evals
EnterpriseCustomCustom red-team limits, collaboration, continuous monitoring, compliance dashboard, attack profiles, SSO, API access, managed cloud, support, SLASecurity and product teams operating shared AI apps
On-PremiseCustomAll Enterprise features, deployment on owned infrastructure, complete data isolation, dedicated runner, deployment engineerRegulated teams and strict data-control environments

The practical buying advice: Community is enough to prove whether the test harness fits. Enterprise or On-Premise becomes relevant when test results need to become organizational evidence, not only developer output.

Failure Modes

  • Red-team probes can become theater. Tests need to match the real app, tools, data, policies, and user pathways.
  • False positives need triage. Security tests require owner review, remediation workflow, and retest standards.
  • Custom targets need maintenance. As the app changes, eval config and attack profiles need to change too.
  • OpenAI ownership changes procurement. Teams should verify support, roadmap, data handling, and contract path after the acquisition update.
  • Security testing is not runtime enforcement. Pair promptfoo with gateway, guardrail, permission, and monitoring controls where live traffic needs protection.

Methodology

This page was produced by the aipedia.wiki editorial pipeline. Scoring follows the four-dimension rubric at /about/scoring/ (Utility x Value x Moat x Longevity, unweighted average). Last verified 2026-06-28 against promptfoo pricing, docs, OpenAI acquisition material, the promptfoo acquisition update, and the promptfoo license.

FAQ

Is promptfoo free? Yes for Community. promptfoo lists Community as Free Forever and open source, with local or self-hosted use.

Is promptfoo part of OpenAI? promptfoo says it is now part of OpenAI. OpenAI announced on March 9, 2026 that it would acquire promptfoo subject to customary closing conditions.

promptfoo vs Braintrust? promptfoo is stronger for red teaming, vulnerability scanning, guardrails, and AI security testing. Braintrust is stronger for eval operations, datasets, experiments, scored outputs, and release-quality workflows.

Sources

Share LinkedIn
Was this review helpful?
Embed this score on your site Free. Links back.
promptfoo editorial score badge
<a href="https://aipedia.wiki/tools/promptfoo/" target="_blank" rel="noopener"><img src="https://aipedia.wiki/badges/promptfoo.svg" alt="promptfoo on aipedia.wiki" width="260" height="72" /></a>
[![promptfoo on aipedia.wiki](https://aipedia.wiki/badges/promptfoo.svg)](https://aipedia.wiki/tools/promptfoo/)

Badge value auto-updates if the editorial score changes. Attribution via the link is required.

Cite this page For journalists, researchers, and bloggers
According to aipedia.wiki Editorial at aipedia.wiki (https://aipedia.wiki/tools/promptfoo/)
aipedia.wiki Editorial. (2026). promptfoo: Editorial Review. aipedia.wiki. Retrieved July 2, 2026, from https://aipedia.wiki/tools/promptfoo/
aipedia.wiki Editorial. "promptfoo: Editorial Review." aipedia.wiki, 2026, https://aipedia.wiki/tools/promptfoo/. Accessed July 2, 2026.
aipedia.wiki Editorial. 2026. "promptfoo: Editorial Review." aipedia.wiki. https://aipedia.wiki/tools/promptfoo/.
@misc{promptfoo-editorial-review-2026, author = {{aipedia.wiki Editorial}}, title = {promptfoo: Editorial Review}, year = {2026}, publisher = {aipedia.wiki}, url = {https://aipedia.wiki/tools/promptfoo/}, note = {Accessed: 2026-07-02} }
Spotted an error or want to share your experience with promptfoo?

Every tool page is re-verified on a recurring cycle, and corrections land faster when readers flag them directly. If you spot a stale fact, a missing capability, or have used promptfoo and want to share what worked or didn't, the editorial desk reviews every message sent through this form.

Email editorial@aipedia.wiki
Report outdated info Help us keep this page accurate