OpenAI moves to acquire Promptfoo to bring agent security testing into Frontier

OpenAI announced plans to acquire Promptfoo on March 9, 2026, adding a security-and-evaluation layer to its enterprise AI stack. In the announcement, OpenAI describes Promptfoo as an AI security platform that helps enterprises identify and remediate vulnerabilities in AI systems during development. Once the deal closes, OpenAI says Promptfoo’s technology will be integrated directly into OpenAI Frontier, the company’s platform for building and operating AI coworkers.

The rationale is tightly aligned with how enterprise AI is changing. As companies move AI coworkers into real workflows, OpenAI argues that evaluation, security, and compliance become foundational requirements rather than secondary features. Enterprises need systematic ways to test agent behavior, detect risks before deployment, and maintain records that support oversight, governance, and accountability over time. The announcement is effectively an acknowledgment that model capability alone is not enough for large-scale enterprise adoption; organizations also need durable control systems around those models.

Why Promptfoo matters

Promptfoo brings both enterprise traction and developer tooling. OpenAI says the company’s tools are trusted by more than 25 percent of Fortune 500 companies and that its open-source CLI and library for evaluating and red-teaming LLM applications are already widely used. OpenAI also says it will continue building the open-source project while expanding integrated enterprise capabilities inside Frontier. That point matters because it suggests the company wants both ecosystem credibility and deeper platform lock-in: support the tools developers already use, then connect them more tightly to Frontier.

The planned integration is specific. OpenAI says Frontier will add automated security testing and red-teaming to help enterprises identify and remediate prompt injections, jailbreaks, data leaks, tool misuse, and out-of-policy agent behaviors. It also says security and evaluation will be integrated more deeply into development workflows so teams can investigate and remediate risks earlier. A third focus area is oversight and accountability, with reporting and traceability meant to help organizations document testing, monitor changes over time, and meet governance, risk, and compliance expectations.

More than a model story

The acquisition is notable because it expands OpenAI’s enterprise pitch beyond access to frontier models. Frontier is increasingly being positioned as a control plane for deploying AI coworkers safely at scale, with testing, monitoring, and compliance built into the operating environment. Promptfoo fills a practical gap in that strategy by giving OpenAI a mature evaluation and security toolset that speaks directly to enterprise procurement concerns.

The transaction is still subject to customary closing conditions, so the integration is not final. Still, the announcement makes OpenAI’s direction clear: enterprise competition in AI will not be decided only by raw model performance. It will also be shaped by how well vendors help customers validate agent behavior, document risks, and keep AI systems inside policy as those systems connect to real data and tools.