[scarygliders]

Just know that the .ckpt format has more or less been replaced by .safetensors these days.

tl;dr .ckpt files can contain Python pickles containing runnable Python code, which means a Bad Guy could create a .ckpt model containing malicious python code. Basically.