llmthreat
For vendors 21 vendors · 10 tools Matrix Vendors

garak vs promptfoo: Which One Covers More of the OWASP LLM Top 10 in 2026?

garak and promptfoo are both open-source AI Red Teaming tools, diffed on license, language, maintainer, and repository status as of 2026-07-13. Both fit teams evaluating ai red teaming; the real difference is language, maintenance activity, and scope — not feature count.

Sponsored Comparison — this slot is available to category sponsors. Paid placement does not alter the coverage data or verdict below.

Spec comparison

Attributegarakpromptfoo
MaintainerNVIDIAPromptfoo (a subsidiary of OpenAI as of March 2026)
LicenseApache-2.0MIT
LanguagePythonTypeScript
StatusActiveOwnership changed
Primary useLLM vulnerability scanner — automated probing for jailbreaks, prompt injection, data leakage, hallucination, and other failure modesPrompt/agent/RAG testing and LLM red-teaming — vulnerability scanning, eval, and CI/CD security testing for AI applications

Read the full profiles: garak, promptfoo.

Last verified . Sources: https://github.com/NVIDIA/garak, https://github.com/promptfoo/promptfoo. Funding and repo figures are third-party and go stale. Re-verify before you rely on them.
Informational, not professional security advice — verify both projects' claims against OWASP, MITRE, and the maintainers directly before a decision. OWASP, MITRE, and the listed vendors and maintainers do not endorse llmthreat.com.