Garak Pressures Promptfoo's Free Tier
Promptfoo
Open source scanning is turning raw LLM security testing into a commodity, which means Promptfoo has to monetize the layer above the scan. Garak already gives teams a free CLI for probing prompt injection, jailbreaks, data leakage, toxicity, and other failure modes, and NVIDIA goes a step further by using Garak inside NeMo Guardrails documentation for vulnerability scanning workflows. Promptfoo still offers strong free access, but its paid value has to come from team workflows, dashboards, managed operation, and continuous monitoring rather than basic probe execution alone.
-
Garak is credible with infrastructure heavy buyers because it is maintained in NVIDIA's GitHub org and described as an open source LLM vulnerability scanner with broad probe coverage. That makes it a natural first tool for platform teams that already run their own models and security stack.
-
Promptfoo's free Community plan already includes all evaluation features, vulnerability scanning, self hosting, and 10k red team probes per month. That is generous, but it also shows where monetization starts, collaboration, centralized dashboards, continuous monitoring, SSO, API access, and managed deployment.
-
Meta's LlamaFirewall points to the next competitive shift. It is an open framework for detecting and mitigating risks across prompts, responses, and multi step agent workflows, so more of the runtime defense layer is also becoming available without buying a standalone platform.
The market is heading toward a split where free tools handle scanning and point defenses, while commercial winners own the operating system for AI security. That favors vendors that can sit in daily engineering workflows, store results over time, coordinate teams, and keep attack libraries and policies current as models and agents change.