OpenAI Acquires Promptfoo To Bolster AI Agent Security

OpenAI has reached an agreement to acquire Promptfoo, a security platform focused on testing and safeguarding AI agents. The deal positions OpenAI to bring agent-focused security tooling more directly into its own product and enterprise stack.

Promptfoo is known for tools designed to evaluate and harden AI systems, with an emphasis on the kinds of risks that emerge when models are deployed as agents that can take actions, use tools, and interact with external systems. OpenAI said the acquisition is aimed at strengthening protections for AI agents as they become more common in business and developer use cases.

The companies have not disclosed financial terms in the announcements referenced by recent coverage. The acquisition was reported by TechCrunch and also described in an OpenAI announcement about the transaction. Additional coverage framed the move as an effort to bolster enterprise agent safety and reduce security risks tied to agent deployments.

The acquisition matters because AI agents are increasingly being designed to do more than generate text. They can be built to retrieve information, execute workflows, and connect to other software services, which raises the stakes for security testing, access control, and policy enforcement. For companies deploying agents inside critical workflows, safety and security requirements can be a gating factor in adoption.

By bringing Promptfoo under its umbrella, OpenAI is signaling that security evaluation and agent hardening are core parts of scaling agent products. The move also underscores that the security model for agentic systems differs from standard chatbot deployments, requiring more rigorous testing for behaviors that may appear only in complex, multi-step interactions.

For enterprise customers, the combination could mean tighter integration between the AI systems they use and the tools that test them. Organizations adopting agents often need repeatable methods to evaluate reliability and guard against harmful behavior across updates, new tool connections, and changing internal policies. A security platform purpose-built for these workflows can help standardize how agent behavior is assessed before and after deployment.

What happens next will depend on how OpenAI integrates Promptfoo’s technology and team. OpenAI will need to align the platform with its broader safety work and determine how Promptfoo’s offerings fit into existing developer and enterprise products. Customers and developers will also be watching for changes to packaging, product availability, and how security testing is incorporated into the lifecycle of building and maintaining agents.

The acquisition lands at a moment when more companies are exploring agent-based systems, making security and safeguards a central part of whether those deployments move from pilots to production.