OpenAI Acquires Promptfoo to Strengthen AI Agent Testing

Summary
– OpenAI is acquiring the security testing firm Promptfoo to enhance security for enterprise AI agents and address risks like prompt injections and data leaks.
– Promptfoo provides open-source tools for testing AI models and agents, which are already used by over 25% of Fortune 500 companies.
– OpenAI plans to integrate Promptfoo’s technology into its Frontier platform to offer built-in, automated security testing and evaluation within development workflows.
– The acquisition follows security warnings from experts like Jamieson O’Reilly about the need to scan AI tools for “human-language malware” rather than relying on traditional methods.
– OpenAI’s broader security push includes hiring OpenClaw’s founder and maintaining open-source access to Promptfoo’s tools while developing its enterprise AI ecosystem.

OpenAI is making a significant move to enhance the security of its enterprise AI offerings by acquiring the security testing firm Promptfoo. This strategic purchase directly addresses a growing need within the industry for robust tools to evaluate and safeguard autonomous AI agents, often called “AI coworkers.” The acquisition signals a clear focus on building trust and reliability for businesses deploying advanced AI systems.
The necessity for such security measures was recently underscored by Jamieson O’Reilly, a security advisor for the AI agent project OpenClaw. In a discussion, O’Reilly emphasized that the cybersecurity community must develop new methods to scan AI tools for “human-language malware,” moving beyond traditional file-based analysis. Promptfoo, founded by Ian Webster of Discord and Michael D’Angelo of Smile Identity, was built to fill this exact gap. The startup offers open-source tools for testing large language models and AI agents, including vulnerability scanning, red-teaming, and prompt evaluation. Its technology is reportedly used by over 25% of Fortune 500 companies.
Following regulatory approval, OpenAI plans to integrate Promptfoo’s capabilities directly into its OpenAI Frontier platform. This will make advanced security testing a built-in feature, providing enterprises with automated tools to identify and remediate risks like prompt injections, data leaks, and tool misuse. The integration aims to bake security into the development workflow itself, allowing organizations to catch issues earlier. OpenAI has also committed to keeping Promptfoo’s product suite open source and freely available.
The broader security landscape for OpenAI involves other strategic developments. O’Reilly has been working on a security roadmap for OpenClaw and helped forge a partnership with Google’s VirusTotal to scan for malicious code in AI skill marketplaces. Notably, OpenClaw’s founder, Peter Steinberger, recently joined OpenAI. While he stated OpenClaw will move to an independent foundation, his hiring, combined with the Promptfoo acquisition and the launch of the Codex Security tool, shows OpenAI is aggressively building out a comprehensive security infrastructure for its enterprise ecosystem.
(Source: InfoSecurity Magazine)





