promptfoo
promptfoo/promptfoo
Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI.
Overview
A CLI and library to evaluate and red-team LLM applications with simple declarative configurations, supporting GPT, Claude, Gemini, etc., with CI/CD integration. Used by OpenAI and Anthropic.
Categories
Tags
Relationships
Similar tools
ECC
affaan-m/ECC
The agent harness performance optimization system
AutoGPT
Significant-Gravitas/AutoGPT
AutoGPT: Build, Deploy, and Run AI Agents
prompts.chat
f/prompts.chat
The world's largest open-source prompt library for AI
JavaGuide
Snailclimb/JavaGuide
Snailclimb/JavaGuide: 面试 & 后端通用面试指南,覆盖计算机基础、数据库、分布式、高并发、系统设计与 AI 应用开发
langflow
langflow-ai/langflow
Langflow is a powerful platform for building and deploying AI-powered agents and workflows.
browser-use
browser-use/browser-use
🌐 Make websites accessible for AI agents. Automate tasks online with ease.
Install
npm install promptfooREADME
Promptfoo: LLM evals & red teaming
promptfoo is a CLI and library for evaluating and red-teaming LLM apps. Stop the trial-and-error approach - start shipping secure, reliable AI apps.
Website · Getting Started · Red Teaming · Documentation · Discord
Promptfoo is now part of OpenAI. Promptfoo remains open source and MIT licensed. Read the company update.
Quick Start
Requires Node.js ^20.20.0 or >=22.22.0 for npm and npx usage.
Node.js 20 support ends July 30, 2026 at 00:00 UTC; upgrade to Node.js 24 LTS before updating promptfoo at or after the cutoff.
npm install -g promptfoo
promptfoo init --example getting-started
Also available via brew install promptfoo and pip install promptfoo. You can also use npx promptfoo@latest to run any command without installing.
Most LLM providers require an API key. Set yours as an environment variable:
export OPENAI_API_KEY=sk-abc123
Once you're in the example directory, run an eval and view results:
cd getting-started
promptfoo eval
promptfoo view
See Getting Started (evals) or Red Teaming (vulnerability scanning) for more.
What can you do with Promptfoo?
- Test your prompts and models with automated evaluations
- Secure your LLM apps with red teaming and vulnerability scanning
- Compare models side-by-side (OpenAI, Anthropic, Azure, Bedrock, Ollama, and more)
- Automate checks in CI/CD
- Review pull requests for LLM-related security and compliance issues with code scanning
- Share results with your team
Here's what it looks like in action:
It works on the command line too:
It also can generate security vulnerability reports:
Why Promptfoo?
- Developer-first: Fast, with features like live reload and caching
- Private: LLM evals run 100% locally - your prompts never leave your machine
- Flexible: Works with any LLM API or programming language
- Battle-tested: Powers LLM apps serving 10M+ users in production
- Data-driven: Make decisions based on metrics, not gu