OpenAI said it is acquiring Promptfoo to strengthen agent security testing and evaluation in Frontier while keeping Promptfoo open source and supporting current customers. Enterprises deploying AI agents should expect more native red-teaming and policy testing in OpenAI’s stack.
OpenAI’s announcement says the Promptfoo acquisition is specifically about improving Frontier’s security testing and evaluation for agents, not a general acquihire or brand partnership agentic security testing. The company’s wording is narrow but consequential: Promptfoo’s core value is in testing, red-teaming, and finding failure modes before agentic systems touch real workflows.
That matches how others summarized the deal. TestingCatalog quoted OpenAI describing Promptfoo as bringing “deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale” enterprise-scale quote. For engineers, that points to stronger first-party eval harnesses around prompt attacks, unsafe tool use, and policy regressions rather than just more generic observability.
The clearest immediate commitment is continuity. OpenAI said Promptfoo will stay open source under its current license and that current customers will continue to be serviced and supported license and support. That matters because Promptfoo has been used both as an open-source CLI and as an enterprise security product, so the acquisition does not read as an abrupt shutdown of the existing workflow.
Supporting context from the discussion around the deal says Promptfoo already powers evaluation and red-teaming for “25%+ of the Fortune 500” Fortune 500 claim. Another summary describes OpenAI as baking Promptfoo’s capabilities into Frontier for “automated vulnerability scanning, safety testing, and compliance tracking” Frontier integration. Those extra details are secondhand rather than direct product docs, but they fit the direction of OpenAI’s own announcement: more of the security testing stack moves closer to the model platform.
OpenAI is making a bet that agent deployment is now a security-testing problem as much as a model-quality problem. Cedric Chee’s summary tied the acquisition to “AI coworkers” entering real enterprise workflows and the need for “systematic ways to test agent security” systematic testing. That is the operational shift behind this deal: evals are no longer just benchmark scorecards, but pre-deployment controls for tool use, data access, and policy compliance.
The announcement also lands alongside OpenAI’s broader push to expose more agent runtime behavior. In related discussion, OpenAI developer content highlighted a new “phase” parameter so agents can distinguish user-facing final responses from in-progress “commentary” during longer tasks phase parameter. That post is not about the acquisition itself, but it shows the same product direction: more structured agent behavior, and now, potentially, more native infrastructure to test whether that behavior is safe.
Vals AI switched SWE-Bench Verified from SWE-Agent to the bash-only mini-swe-agent harness, aligning results more closely with the official benchmark setup. Top score dipped slightly to 78.8%, but the change reduces harness-specific confounds when comparing models.
releaseOpenClaw shipped version 2026.3.22 with ClawHub, OpenShell plus SSH sandboxes, side-question flows, and more search and model options, then followed with a 2026.3.23 patch. Teams get a broader plugin surface, but should patch quickly and review plugin trust boundaries as the ecosystem grows.
releaseCursor shipped Instant Grep, a local regex index built from n-grams, inverted indexes, and Bloom filters that drops large-repo searches from seconds to milliseconds. Faster candidate retrieval shortens the coding-agent loop, especially when ripgrep-style scans become the bottleneck.
breakingChatGPT now saves uploaded and generated files into an account-level Library that can be reused across conversations from the web sidebar or recent-files picker. It removes repetitive re-uploading and makes past PDFs, spreadsheets, and images part of a persistent working context.
breakingEpoch AI says GPT-5.4 Pro elicited a publishable solution to one 2019 conjecture in its FrontierMath Open Problems set, with a formal writeup planned. Treat it as an early milestone worth reproducing, not blanket evidence that frontier models can already automate math research.
We’re acquiring Promptfoo. Their technology will strengthen agentic security testing and evaluation capabilities in OpenAI Frontier. Promptfoo will remain open source under the current license, and we will continue to service and support current customers. Show more
OpenAI is acquiring Promptfoo to accelerate agentic security testing in Frontier. As AI coworkers enter real workflows, enterprises need systematic ways to test agent security.
We’re acquiring Promptfoo. Their technology will strengthen agentic security testing and evaluation capabilities in OpenAI Frontier. Promptfoo will remain open source under the current license, and we will continue to service and support current customers.
OpenAI announced its acquisition of Promptfoo, an AI security platform designed to help enterprises identify and fix vulnerabilities in their AI systems. Promptfoo is a massive player in AI security, already trusted by over 25% of the Fortune 500 to evaluate and red-team LLM Show more
OpenAI acquired @promptfoo, an AI security platform for enterprises. “Promptfoo brings deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale”
OpenAI acquired @promptfoo, an AI security platform for enterprises. “Promptfoo brings deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale”
