Safetensors audited safe and set to become default format in Hugging Face Transformers
AI Impact Summary
An external security audit by Trail of Bits confirmed safetensors as safe and supports making it the default format across Hugging Face, with collaboration from EleutherAI and Stability AI. The library provides safer cross-framework serialization (PyTorch, TensorFlow, JAX, PaddlePaddle, NumPy) and enables lazy loading for faster CPU loads, which can significantly reduce model startup times. With Transformers planning to install safetensors by default and eventually make it the core saving format, downstream deployments should plan for a transition that improves security posture while requiring a tooling upgrade to support the new default.
Affected Systems
- Date: not specified
- Change type: capability
- Severity: info