capjamesgI don't know too much about serialization, but I understand safetensors is a move in the right direction away from pickle, which the Python docs themselves explicitly say is a potential security risk. You should never open untrusted pickle files.
