research: integrate Promptfoo for automated agent red-teaming

## Research

Promptfoo (github.com/promptfoo/promptfoo) is an open-source CLI for automated agent red-teaming with 50+ vulnerability types: prompt injection, jailbreaks, tool misuse, authorization bypass. YAML config, CI/CD integration. 127 Fortune 500 users.

Works as a black-box tester — can target Zeph's daemon HTTP endpoint (`/a2a`) and ACP HTTP+SSE transport without any Rust SDK.

## Proposal

1. Create Promptfoo test config (YAML) targeting daemon `/a2a` endpoint
2. Define red-team scenarios: prompt injection via tool outputs, tool misuse escalation, sandbox bypass attempts, memory poisoning
3. Add to CI as optional security gate (non-blocking initially)

## Sources

- https://github.com/promptfoo/promptfoo
- https://www.promptfoo.dev/docs/red-team/agents/
- AgentAssay behavioral fingerprinting: https://arxiv.org/html/2603.02601
- Anthropic Petri framework for autonomous red-teaming

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

research: integrate Promptfoo for automated agent red-teaming #1523

Research

Proposal

Sources

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

research: integrate Promptfoo for automated agent red-teaming #1523

Description

Research

Proposal

Sources

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions