When working with machine learning models, especially large ones, security is a constant concern. Most developers rely on the file format and the surrounding ecosystem and hope that everything works as advertised. This is where a format like safetensors becomes crucial. A recent independent audit has confirmed that safetensors is not only safe but also ready to become the standard format for AI model weights.
Imagine downloading a model, integrating it into your system, and unknowingly inviting malicious code. This is a tangible risk with traditional formats: PyTorch's .pt files are pickle archives, and pickle can execute arbitrary code during deserialization, while some TensorFlow and Keras model files can carry executable pieces of the model definition that the loader runs. safetensors addresses these concerns by separating a plain JSON header (names, dtypes, shapes, offsets) from the raw tensor bytes, so there is nothing in the file for a loader to execute. Its philosophy is straightforward: what you load is what you get, and nothing more.
The audit, conducted by Trail of Bits, was thorough, covering both the format specification and the parser that reads it. The results were clean: no exploitable issues in the format or the parser, only low-priority suggestions for documentation and fuzzing improvements.
The simplicity of safetensors is its strength. A file is just three parts: an 8-byte little-endian unsigned integer giving the length of the header; a JSON header that maps each tensor name to its dtype, shape and the byte range (data_offsets) it occupies in the data section, plus an optional __metadata__ map of string key-value pairs; and then the raw tensor bytes, back to back. There is no serialized code anywhere in that layout, so there are no surprises or backdoors; all a parser has to do is check that the declared dtypes, shapes and offsets agree with the bytes actually present. Performance-wise, safetensors loads faster than pickle-based formats, especially with large tensors, because the data section can be memory-mapped and tensors read without an extra copy, combining safety with speed.
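To make the layout above concrete, here is an added example (not code from the original post or from the safetensors project) of a pure-Python writer and validating reader for the format, using only the standard library. The dtype table is a subset chosen for this example, and the header size cap is a value picked here, not a constant taken from the reference implementation. The point of the reader is the validation: every byte range must lie inside the data section, match its dtype and shape, and together the ranges must tile the data section with no gaps, overlaps or trailing bytes. The sample tensors and the deliberately overlapping file are constructed for the example.

```python
import json
import math
import struct

# Byte width of each dtype string as it appears in a safetensors header.
# Subset chosen for this example; the real format defines more.
DTYPE_SIZES = {
    "F64": 8, "F32": 4, "F16": 2, "BF16": 2,
    "I64": 8, "I32": 4, "I16": 2, "I8": 1, "U8": 1, "BOOL": 1,
}
# Sanity cap on the header so a hostile length field cannot make us
# allocate or scan gigabytes of JSON (value chosen for this example).
MAX_HEADER_LEN = 100 * 1024 * 1024


def write_safetensors(tensors, metadata=None):
    """Serialize {name: (dtype, shape, raw_bytes)} into safetensors bytes."""
    header, data = {}, bytearray()
    for name in sorted(tensors):          # deterministic layout
        dtype, shape, raw = tensors[name]
        if len(raw) != DTYPE_SIZES[dtype] * math.prod(shape):
            raise ValueError(f"{name}: byte length does not match dtype*shape")
        start = len(data)
        data += raw
        header[name] = {"dtype": dtype, "shape": list(shape),
                        "data_offsets": [start, len(data)]}
    if metadata:
        header["__metadata__"] = dict(metadata)
    hbytes = json.dumps(header, separators=(",", ":")).encode("utf-8")
    hbytes += b" " * (-len(hbytes) % 8)   # pad header to 8-byte alignment
    return struct.pack("<Q", len(hbytes)) + hbytes + bytes(data)


def read_safetensors(buf):
    """Parse safetensors bytes; returns (metadata, {name: (dtype, shape, raw)})."""
    if len(buf) < 8:
        raise ValueError("truncated: missing header length")
    (hlen,) = struct.unpack("<Q", buf[:8])
    if hlen > MAX_HEADER_LEN or 8 + hlen > len(buf):
        raise ValueError("header length out of bounds")
    header = json.loads(buf[8:8 + hlen])   # plain JSON, nothing is executed
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    metadata = header.pop("__metadata__", None) or {}
    if not isinstance(metadata, dict) or not all(
            isinstance(k, str) and isinstance(v, str) for k, v in metadata.items()):
        raise ValueError("__metadata__ must map strings to strings")
    data = buf[8 + hlen:]
    regions = []
    for name, info in header.items():
        dtype, shape = info["dtype"], info["shape"]
        start, end = info["data_offsets"]
        if dtype not in DTYPE_SIZES:
            raise ValueError(f"{name}: unknown dtype {dtype!r}")
        if not all(isinstance(d, int) and d >= 0 for d in shape):
            raise ValueError(f"{name}: bad shape")
        if not (isinstance(start, int) and isinstance(end, int)
                and 0 <= start <= end <= len(data)):
            raise ValueError(f"{name}: data_offsets outside the data area")
        if end - start != DTYPE_SIZES[dtype] * math.prod(shape):
            raise ValueError(f"{name}: data_offsets disagree with dtype*shape")
        regions.append((start, end, name))
    # Regions must tile the data area exactly: no gaps, overlaps or trailing
    # bytes.  An overlap is how one tensor could silently alias another.
    regions.sort()
    cursor = 0
    for start, end, name in regions:
        if start != cursor:
            raise ValueError(f"{name}: gap or overlap at offset {start}")
        cursor = end
    if cursor != len(data):
        raise ValueError("trailing bytes after the last tensor")
    return metadata, {name: (header[name]["dtype"], tuple(header[name]["shape"]),
                             bytes(data[s:e])) for s, e, name in regions}


def is_valid(buf):
    """True if the file passes every check above; handy for triaging downloads."""
    try:
        read_safetensors(buf)
        return True
    except (ValueError, KeyError, TypeError):
        return False


# Constructed sample tensors, not taken from any real model.
SAMPLE = {
    "bias": ("F32", (2,), struct.pack("<2f", 0.5, -1.0)),
    "weight": ("I8", (2, 2), bytes([1, 2, 3, 4])),
}


def sample_file():
    return write_safetensors(SAMPLE, {"format": "pt"})


def overlapping_file():
    """Hand-built header whose second tensor aliases bytes of the first."""
    hdr = json.dumps({"a": {"dtype": "U8", "shape": [2], "data_offsets": [0, 2]},
                      "b": {"dtype": "U8", "shape": [2], "data_offsets": [1, 3]}}).encode()
    return struct.pack("<Q", len(hdr)) + hdr + b"\x00\x01\x02"


if __name__ == "__main__":
    print(read_safetensors(sample_file()))
    print("overlapping file accepted:", is_valid(overlapping_file()))
```

The reader never touches the tensor bytes until the header has been fully checked, which is why a hostile file can at worst produce a rejected parse, never code execution. The real safetensors library does the same class of checks (and more, including alignment and dtype coverage) in Rust; this block exists so you can see what "just data" means at the byte level.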
For developers familiar with safetensors, the audit is a relief. For others, it’s a green light to switch. Here’s how:
For Python, it's straightforward:

pip install safetensors

This provides safe_open for reading and save_file for writing.
Convert a PyTorch model from .pt to .safetensors:

from safetensors.torch import save_file
import torch

# The .pt file is still a pickle, so this load is the last point of exposure.
# weights_only=True makes torch.load refuse anything but tensors and plain
# containers, which is the right setting for a checkpoint you did not produce.
state_dict = torch.load("model.pt", map_location="cpu", weights_only=True)
save_file(state_dict, "model.safetensors")

Ensure the object you pass to save_file is a state dict of plain tensors, as custom modules or non-tensor objects won't transfer, intentionally. If the checkpoint was saved as a whole nn.Module, rebuild the module with its defining code and call model.state_dict() first. save_file also refuses tensors that share storage (tied weights); for those, use safetensors.torch.save_model, which handles the deduplication for you.
Loading is simple:

from safetensors.torch import safe_open

# framework="pt" returns torch tensors; only the header is read up front,
# and each tensor is materialized on demand by get_tensor.
with safe_open("model.safetensors", framework="pt") as f:
    for key in f.keys():
        tensor = f.get_tensor(key)

If you just want the whole state dict at once, safetensors.torch.load_file does that in one call. Either way, the loader parses a JSON header and copies bytes; there is no code path that could execute anything embedded in the file.
Update your tools, APIs, and training pipelines to prefer .safetensors. Hugging Face's Transformers and Diffusers libraries already support it, and publishing models in this format signals to downstream users that loading them carries no deserialization risk.
safetensors has proven its worth through rigorous auditing. It offers a reliable, fast, and secure alternative to pickle-based formats, delivering exactly what it promises. Its simplicity and security are its greatest assets, fostering trust and confidence among developers. The audit by Trail of Bits confirms that trust is well-placed, making safetensors a dependable choice for the future of AI model formats.