Great intro post — one thing that tripped me up as a newcomer: the code examples here (pickle.dump()/pickle.load()) made me think skops itself was somehow making pickle safe to load. It took me a while to realize this post is really about hub_utils and card (repo management, model cards) and is serialization-format-agnostic — the actual secure serialization work (skops.io.dump/load, which avoids pickle entirely using a zip + JSON schema format) came later and isn't mentioned here at all.
Might be worth adding a note pointing to the skops.io secure serialization docs, since this is the first result people find when searching "skops," and reading it in isolation gives the impression pickle is still the recommended approach. Thanks for the library either way!