OpenAI has significantly intensified its efforts to enhance the security framework surrounding its enterprise-oriented artificial intelligence (AI) ecosystem. In a strategic move aimed at bolstering security protocols, the company has recently acquired the agentic security testing firm Promptfoo, which is poised to address critical vulnerabilities in agentic AI development.
In an upcoming interview with Infosecurity, a security advisor from a local AI project named OpenClaw underscored the pressing need for robust security measures in the realm of agentic AI. Jamieson O’Reilly, known for his background as an Australian hacker and founder of the penetration testing firm DVULN, expressed concerns regarding the future of agentic AI security. He urged the AI and cybersecurity communities to develop innovative methods for “scanning AI tools” to detect what he termed “human-language malware.” This contrasts with traditional approaches that rely primarily on file-based malware analysis, and it reflects the shift in strategy that the evolving AI security landscape requires.
One day after O’Reilly’s interview, which took place on March 9, OpenAI formally announced its acquisition of Promptfoo, a decision that aligns with the security needs highlighted by O’Reilly. The startup, established in July 2024 by Ian Webster, a senior engineering manager at Discord, and Michael D’Angelo, the VP of Engineering and head of machine learning at Smile Identity, focuses on providing open-source tools that assess the security of large language models (LLMs) and AI agents. Promptfoo’s offerings include tools designed to scan for vulnerabilities in LLMs, conduct red-teaming exercises on AI tools, evaluate AI prompts and models, and offer secure proxy services for model context protocol (MCP) servers, which are essential components for AI agents.
According to OpenAI’s announcement on March 10, Promptfoo’s tools are already utilized by over 25% of Fortune 500 companies, showcasing their relevance and effectiveness in the marketplace. Moreover, Promptfoo has raised $23 million in funding, with venture capital firm Insight Partners contributing $18.4 million in July 2025, along with participation from renowned firms such as Andreessen Horowitz. At present, Promptfoo employs a team of more than 20 professionals dedicated to advancing the field of AI security.
In light of the growing adoption of AI agents, which OpenAI refers to as “AI coworkers,” the tech giant opined that Promptfoo’s capabilities would play a pivotal role in offering systematic methods for testing AI agent behavior, identifying risks prior to deployment, and maintaining proper oversight and governance. Upon receiving the necessary approvals, OpenAI plans to integrate Promptfoo’s technology seamlessly into OpenAI Frontier, its platform that facilitates the development and operation of AI coworkers.
With this acquisition, OpenAI aims to embed security and safety testing as integral features of the Frontier platform. Automated security testing and red-teaming tools will be accessible to enterprises, assisting them in pinpointing and addressing risks associated with prompt injections, data leaks, agent misuse, and other prohibited behaviors. Furthermore, the integration of security measures into development workflows will allow organizations to identify and resolve potential risks in the early stages of AI development.
The announcement also emphasized the importance of integrated reporting and traceability features that will foster transparency and accountability. These tools will enable organizations to document their testing processes, monitor changes over time, and adhere to the evolving governance, risk, and compliance standards relating to AI technologies. In an important gesture, OpenAI has committed to keeping Promptfoo’s current product suite open source, thereby ensuring broad access and continued innovation in the security domain.
O’Reilly, upon discussing the acquisition with Infosecurity, remarked that it was a logically sound move, although he noted he lacked sufficient context regarding the specifics of Promptfoo and its acquisition. As an advisor to OpenClaw, O’Reilly has been instrumental in developing a security roadmap for the project and recently finalized an agreement with Google-owned VirusTotal. This partnership is designed to enhance the security of OpenClaw-compatible skills shared on skill libraries, including ClawHub.
Although VirusTotal's background is in traditional binary-based malware analysis, O’Reilly highlighted its unique position as one of the few entities proactively engaged in studying skills marketplace abuse. He also pointed out VirusTotal’s privileged access to Google's AI model Gemini, which can be used to scan effectively for human-language malware.
Adding complexity to the situation, Peter Steinberger, founder of OpenClaw, revealed plans to join OpenAI shortly after the partnership with VirusTotal, sparking speculation regarding the future of the OpenClaw project. Steinberger expressed a desire for OpenClaw to emulate a model similar to Google’s Chromium, where an open-source initiative is maintained by a company alongside external contributors, subsequently serving as the foundation for commercial applications.
In conclusion, with the recent integration of Promptfoo and other ongoing developments, OpenAI is progressively intensifying its focus on constructing a comprehensive security infrastructure tailored to its enterprise AI ecosystem. The company’s initiatives, including the rollout of Codex Security—a tool aimed at helping developers identify and mitigate vulnerabilities in AI-generated code—indicate a concerted effort to promote a safer and more secure AI landscape for businesses and consumers alike.
