OpenAI has announced its decision to acquire the AI security platform, Promptfoo, to embed security testing into its AI agents.
This integration will expand its recently released enterprise platform, Frontier, to strengthen how systems are tested, evaluated, and secured before deployment.
The acquisition aims to address the risks of AI agents when they access internal data, call APIs, and workflows, so organizations can deploy agents with more reliability, governance, and compliance controls.
Srinivas Narayanan, CTO of B2B Applications at OpenAI, highlights how this acquisition will allow customers to build and deploy AI systems with built-in testing and security.
“Promptfoo brings deep engineering expertise in evaluating, securing, and testing AI systems at enterprise scale,” he explained.
“Their work helps businesses deploy secure and reliable AI applications, and we’re excited to bring these capabilities directly into Frontier.”
Understanding Risks as AI Agents Interact with Real Business Data
This acquisition highlights a growing problem as more AI agents are being deployed and start to interact with real systems inside companies, reading internal documents, query databases, call APIs, and may be required to trigger actions such as ticket approval, sending emails, or executing workflows.
This shifts an AI agent from being a text generator to an automated employee, introducing security risks that traditional software security tools are not designed to handle.
Problems can begin to occur when a language model misinterprets an instruction, taking in both the prompt and external content that may include malicious instructions, causing the model to treat it as legitimate guidance.
In the case of prompt injection attacks, a model cannot reliably distinguish between developer-written and data embedded instructions, leading to data leakage or unauthorized actions.
Other risks can evolve from agent access to internal data stores, such as customer databases, financial reports, and company knowledge bases, which are often connected, meaning a model can reveal sensitive information if the wrong question is asked.
These failures can occur quietly and at scale, meaning an agent could perform unintended actions without developers detecting, leading to significant data breaches, compliance violations, or operational disruption.
How Promptfoo Enhances Testing, Reliability, and Deployment of AI Agents
By solving the issue of how to safely build and operate AI agents inside real organizations, this acquisition can allow enterprise customers to improve their security, testing, and governance for AI systems that can take actions.
This ensures that AI systems are safer and easier to deploy at scale as more companies move from simple chatbots to more capable AI agents that influence real business operations, requiring them to test AI behavior before it’s released into production.
Instead of writing traditional unit tests, customer developers can define scenarios and expected behavior with the AI in large batches to judge where the model might fail in a system.
In return, Promptfoo can simulate prompt-injection attacks and attempt to extract confidential information or edge cases that might cause the model to misuse a connected tool.
Having recorded the responses, the system then evaluates the model against the defined criteria, producing a report that shows where the model fails or behaves unpredictably.
This automated scenario testing helps teams measure reliability across many variations rather than relying on a single deterministic test.
OpenAI plans to integrate Promptfoo directly into Frontier to ensure that security testing becomes a built-in part of building AI agents.
Who are Promptfoo?
The AI security platform launched in 2024 with the aim of giving developers systematic tools to test and evaluate AI systems before wider deployment.
Having previously started out as a prompt evaluation tool, the platform evolved into an AI red-teaming framework used by developers and enterprises.
Ian Webster, Co-Founder and CEO, Promptfoo, explained that as AI agents gain access to real data and systems, making AI systems safe and reliable has become even more critical.
“We started Promptfoo because developers needed a practical way to secure AI systems,” he explained.
“As AI agents become more connected to real data and systems, securing and validating them is more challenging and important than ever.
“Joining OpenAI lets us accelerate this work, bringing stronger security, safety, and governance capabilities to the teams building real-world AI systems.”
Safer, More Reliable Interactions with AI Agents
OpenAI’s acquisition of Promptfoo supports a broader shift toward AI agents, positioning its Frontier platform as not only a model provider but as infrastructure for building automated assistants that participate in real business processes.
Having launched Frontier in February, this platform expansion enables OpenAI to offer built-in evaluation, red teaming, and safety validation as part of the development workflow, rather than leaving tasks to third-party tools.
For CX, this acquisition means that interactions with AI agents are likely to become more reliable, consistent, and safe, allowing businesses to catch and fix unexpected AI behavior before it reaches users.
As a result, customers are less likely to encounter situations where an AI will give incorrect guidance, mismanage data, or produce unsafe outputs.
This acquisition also allows companies to confidently deploy AI agents to handle sensitive tasks without the risk of accidental errors or leaks.
From a customer perspective, this ensures smoother interactions, faster resolution times, and fewer frustrating or confusing AI responses.
By focusing on testing, security, and compliance to improve trust with AI, this directly enhances the quality and safety of customer-facing experiences.
