Promptfoo is an open-source CLI and Node.js library for evaluating and red teaming LLM applications, with YAML configs, 50+ attack plugins, and a web UI that shows where models fail. OpenAI acquired Promptfoo on March 9, 2026, but the project remains MIT licensed and open source, with CI/CD-native testing that can block vulnerable AI deployments before release.
Key points
- Promptfoo helps evaluate and red team LLM apps directly in the developer workflow.
- It supports YAML-based configuration and runs in CI/CD pipelines to stop bad releases.
- More than 50 attack plugins cover jailbreaks, prompt injection, PII leakage, SSRF, and SQL injection.
- It includes OWASP LLM Top 10 presets plus NIST AI RMF and MITRE ATLAS mappings.
- The web UI shows test results, evidence, and compliance reports for each failure.