OpenAI to acquire Promptfoo and fold agent security testing into Frontier

On March 9, 2026, OpenAI announced that it plans to acquire Promptfoo, an AI security platform focused on helping enterprises find and fix vulnerabilities in AI systems during development. OpenAI said the technology will be integrated into OpenAI Frontier, the company’s platform for building and operating AI coworkers. The announcement is notable because it treats evaluation and security as first-class requirements for agents that can act inside real business workflows rather than as optional post-launch checks.

OpenAI framed the deal around a concrete enterprise problem. As companies give agents access to tools, data, and internal processes, the risk surface expands quickly: prompt injection, jailbreaks, data leaks, tool misuse, and other out-of-policy behaviors can appear before a system is fully deployed. OpenAI’s pitch is that Promptfoo’s tooling can move those checks earlier in the lifecycle, so teams can test risky behavior systematically while they are still iterating on system prompts, guardrails, tools, and policies.

Promptfoo already has both enterprise reach and developer credibility. OpenAI said the company is trusted by over 25 percent of Fortune 500 companies and has built a widely used open-source CLI and library for evaluating and red-teaming LLM applications. That matters because many enterprise AI teams already rely on mixed stacks: internal tooling, open-source eval frameworks, and managed model platforms. OpenAI said it will continue building the open-source Promptfoo project while also expanding the integrated enterprise features inside Frontier, which suggests it wants both ecosystem adoption and tighter platform differentiation.

The roadmap OpenAI outlined has three main parts. First, automated security testing and red-teaming are supposed to become native Frontier features, with direct support for discovering and remediating issues such as prompt injection and data leakage. Second, security and evaluation will be embedded into development workflows rather than treated as separate audit steps. Third, OpenAI wants integrated reporting and traceability so organizations can document tests, track changes over time, and satisfy governance, risk, and compliance requirements. If OpenAI executes on that plan, this acquisition will matter less as a simple M&A event and more as a sign that agent platforms are converging toward secure-by-default operating environments.