OpenAI has snapped up Promptfoo, a specialized artificial intelligence (AI) security startup, to bolster the safety of autonomous digital workers and convince enterprise clients that AI co-workers are ready for high-stakes business environments.

OpenAI did not disclose financial terms of the transaction. PitchBook data indicates Promptfoo was valued at $119 million following a $22 million funding round backed by Insight Partners and Andreessen Horowitz last year.

“As enterprises deploy AI coworkers into real workflows, evaluation, security, and compliance become foundational requirements,” OpenAI said in a blog post on Monday. “Enterprises need systematic ways to test agent behavior, detect risks before deployment, and maintain clear records to support oversight, governance, and accountability over time.”

Founded in 2024 by Ian Webster and Michael D’Angelo, Promptfoo has rapidly become a staple in the corporate AI stack.

Despite its relatively recent entry into the market, the startup’s tools are already utilized by more than 25% of Fortune 500 companies. Promptfoo provides an open-source command-line interface and a library designed specifically for red teaming, the process of rigorously testing systems for vulnerabilities before they are deployed.

Once the deal is finalized, OpenAI intends to fold Promptfoo’s technology into OpenAI Frontier, its flagship platform for building and managing enterprise AI agents. The agents, which can perform multi-step digital tasks independently, have sparked immense interest for their potential productivity gains, but they also present a broader attack surface for cybercriminals.

Srinivas Narayanan, OpenAI’s chief technology officer of business-to-business applications, emphasized that the Promptfoo team brings critical expertise in securing AI at an enterprise scale. He said the integration will introduce several automated safeguards directly into the development workflow, including real-time testing for prompt injections and jailbreaks, tools to identify and stop accidental data exposure or tool misuse, and enhanced reporting and traceability to meet strict regulatory requirements.

The acquisition comes at a time when frontier labs are under intense pressure to prove that agentic AI can be trusted with sensitive corporate data. Independent agents offer efficiency, but they also risk being manipulated into performing out-of-policy behaviors or exposing internal systems to adversaries.

“We founded Promptfoo to give developers a practical way to secure AI systems,” Promptfoo CEO Webster said in a statement. “Joining OpenAI allows us to accelerate our work on safety and governance for the teams building the next generation of AI.”

OpenAI has committed to maintaining Promptfoo’s open-source project alongside its proprietary enterprise features.

By bringing these security experts in-house, OpenAI is signaling that the next phase of the AI revolution will be defined as much by its defensive barriers as its generative capabilities.