Safetensors audited safe and set to become default in Hugging Face Transformers
AI Impact Summary
An external security audit by Trail of Bits validated safetensors as safe and ready to become the default format for saved models. Hugging Face (HF), EleutherAI, and Stability AI indicate that safetensors will be installed by default with transformers and will eventually be used as the standard single-file, lazy-loading format, offering faster load times and stronger safety guarantees than pickle-based formats. The audit found no critical security flaws; some imprecisions in the specification were fixed and test coverage was expanded, supporting broad ecosystem adoption across PyTorch, TensorFlow, JAX, and other frameworks. This shift affects model deployment pipelines that rely on model serialization: teams need to align their training, saving, and loading steps so that safetensors is used by default.
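To show why the summary calls the format safer than pickle, here is an added example (not code from the original post or from the safetensors project) that hand-builds a minimal safetensors file and reads one tensor lazily: the header is plain JSON carrying dtypes, shapes and byte offsets, so loading needs only `json.loads` plus bounds checks, and no object deserialisation ever runs. The sample tensors, the function names and the header-size cap are constructed assumptions for this example.

```python
import json
import math
import struct

# safetensors layout: 8-byte little-endian header length, UTF-8 JSON header,
# then one flat byte buffer that the header's data_offsets index into.
HEADER_LEN_SIZE = 8
MAX_HEADER_BYTES = 100_000_000  # assumed cap; a loader should bound the header size

def build_sample_file() -> bytes:
    """Constructed two-tensor file; the header holds only dtype/shape/offsets."""
    a = struct.pack("<3f", 1.0, 2.0, 3.0)          # shape [3]
    b = struct.pack("<4f", 0.5, 0.25, 0.125, 0.0)  # shape [2, 2]
    header = {
        "__metadata__": {"source": "constructed-example"},
        "a": {"dtype": "F32", "shape": [3], "data_offsets": [0, len(a)]},
        "b": {"dtype": "F32", "shape": [2, 2], "data_offsets": [len(a), len(a) + len(b)]},
    }
    header_bytes = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(header_bytes)) + header_bytes + a + b

def parse_header(blob: bytes) -> tuple[dict, int]:
    """Return (header, data_start). Only JSON is parsed; offsets are bounds-checked."""
    if len(blob) < HEADER_LEN_SIZE:
        raise ValueError("file too small for header length")
    (n,) = struct.unpack("<Q", blob[:HEADER_LEN_SIZE])
    if n > MAX_HEADER_BYTES or HEADER_LEN_SIZE + n > len(blob):
        raise ValueError("header length exceeds file or limit")
    header = json.loads(blob[HEADER_LEN_SIZE:HEADER_LEN_SIZE + n])
    data_start = HEADER_LEN_SIZE + n
    data_len = len(blob) - data_start
    for name, info in header.items():
        if name == "__metadata__":
            continue
        begin, end = info["data_offsets"]
        if not (0 <= begin <= end <= data_len):
            raise ValueError(f"tensor {name!r} offsets out of bounds")
    return header, data_start

def load_tensor(blob: bytes, name: str) -> list[float]:
    """Lazily read one tensor by slicing its byte range; other tensors are untouched."""
    header, data_start = parse_header(blob)
    info = header[name]
    if info["dtype"] != "F32":
        raise ValueError("example only decodes F32")
    begin, end = info["data_offsets"]
    count = (end - begin) // 4
    if count * 4 != end - begin or count != math.prod(info["shape"]):
        raise ValueError(f"tensor {name!r} shape does not match its byte range")
    return list(struct.unpack(f"<{count}f", blob[data_start + begin:data_start + end]))
```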
Affected Systems
- Date: not specified
- Change type: capability
- Severity: info