OpenAI acquires Promptfoo to secure AI agents as the next security battleground emerges

OpenAI is moving deeper into the security layer of artificial intelligence. The company said Monday it has acquired the cybersecurity startup Promptfoo, a developer platform for testing and safeguarding AI systems. Terms of the deal were not disclosed. Promptfoo’s team will join OpenAI, and its technology will be integrated into the company’s Frontier platform for AI agents.

The acquisition signals a shift in how the industry thinks about AI safety. As AI agents begin connecting directly to databases, software tools, and enterprise systems, the risks around misuse and system failures grow quickly. Guardrails are no longer an academic concern. They are becoming a core requirement for real-world deployment.

“As AI agents become more connected to real data and systems, securing and validating them is more challenging and important than ever,” Promptfoo CEO Ian Webster said in a statement. “Joining OpenAI lets us accelerate this work, bringing stronger security, safety, and governance capabilities to the teams building real-world AI systems.”

OpenAI buys AI security startup Promptfoo to strengthen safety for the agent era

Promptfoo is known for its open-source testing framework that helps developers evaluate prompts, measure model behavior, and compare outputs across large language models. The tool has been widely used by developers experimenting with systems built on ChatGPT, Anthropic’s Claude, and Google’s Gemini.

“We’re acquiring Promptfoo, an AI security platform that helps enterprises identify and remediate vulnerabilities in AI systems during development. Once the acquisition is finalized we will integrate Promptfoo’s technology directly into OpenAI Frontier, our platform for building and operating AI coworkers,” OpenAI said.

OpenAI said the project will continue as an open-source effort, giving developers tools to test prompts, measure reliability, and evaluate how models behave under different conditions.

The reasoning behind the acquisition is straightforward. AI agents introduce a wider attack surface than traditional software. Prompt injection attacks, unsafe tool execution, data leakage, and evaluation gaps are becoming real operational risks for companies experimenting with AI-driven automation. As agents begin performing tasks across internal systems, even small vulnerabilities can turn into serious security issues.

By bringing Promptfoo into its platform stack, OpenAI is signaling that security will sit closer to the core of how its agent ecosystem develops.

The deal comes amid a period of aggressive hiring and acquisitions by OpenAI as the company competes with Anthropic, Google, and Meta for control of the next generation of AI platforms.

In January, OpenAI acquired the healthcare technology startup Torch for roughly $60 million. Months earlier, the company acquired Software Applications, a startup that created an AI interface called Sky for Mac users.

The company has been bringing in talent at the same pace. In February, OpenAI hired Peter Steinberger, creator of the OpenClaw developer tool used for building AI agents.

“He is a genius with a lot of amazing ideas about the future of very smart agents interacting with each other to do very useful things for people,” OpenAI CEO Sam Altman wrote in a post on X at the time. “We expect this will quickly become core to our product offerings.”

Promptfoo itself is a young startup. The company announced in July that it had raised $18.4 million in Series A funding led by Insight Partners, with participation from Andreessen Horowitz.

PitchBook data shows the company had raised $22.68 million in total funding and carried a post-money valuation of about $85.5 million as of July 2025. The team numbers just eleven employees.

Andreessen Horowitz has been pushing aggressively into infrastructure and defense-oriented technology. In January, the venture firm said it raised $15 billion across several funds tied to its “American Dynamism” strategy. Of that total, $6.75 billion is allocated to a growth fund, with two additional $1.7 billion vehicles focused on applications and infrastructure, CNBC reported.

The Promptfoo acquisition adds another piece to OpenAI’s growing effort to control the stack around AI agents. Model capability is only part of the equation. Reliability, evaluation, and security are quickly turning into the next competitive front.

The race to build smarter systems is still underway. A second race is now forming alongside it: securing those systems before they reach production environments at scale.