
Add model serialization safety gates #2289

Closed

malb200710-dev wants to merge 1 commit into UnitOneAI:main from malb200710-dev:codex/model-serialization-gates-2288

Conversation

@malb200710-dev malb200710-dev commented Jun 10, 2026


Summary

  • Rebased this change onto current main and kept the existing model-supply-chain v1.0.2 updates intact.
  • Adds a serialization safety evidence gate for pickle-backed checkpoints, explicit loader controls, and safetensors conversion provenance.
  • Covers torch.load / weights_only, use_safetensors, trust_remote_code, isolated conversion jobs, loader-safety output reporting, and unsafe-checkpoint conversion pitfalls.

Validation

  • Local marker check passed for version 1.0.3, serialization safety, loader flags, output fields, common pitfall, and changelog.
  • Fenced code block count is even.
  • Compare is now 1 commit ahead / 0 commits behind main.

Closes #2288

Bounty consideration requested if this review gap is accepted.
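An added example, not code from this PR or the UnitOneAI repository, of the kind of serialization safety gate the description outlines for pickle-backed checkpoints: it walks the pickle opcode stream with pickletools without ever unpickling, records every global the file would resolve (GLOBAL, INST and protocol-4 STACK_GLOBAL, including memoized module/name strings), rejects any global outside an allowlist, and only then hands the file to an explicit loader with weights_only=True. The allowlist, the function names (gate_checkpoint, decide_loader), the zip-member rule modelled on torch.save's archive/data.pkl layout, the loader policy and the two sample checkpoints are all assumptions constructed for the example.

```python
"""Serialization safety gate for pickle-backed checkpoints (added example).

Not code from the PR or the UnitOneAI repository. Inspects the opcode stream
with pickletools and never unpickles. The allowlist, the zip-member rule and the
loader policy are assumptions; tune them per project.
"""
import io
import os
import pickle
import pickletools
import zipfile
from collections import OrderedDict
from dataclasses import dataclass, field

# Assumption: globals a plain PyTorch state_dict legitimately references.
ALLOWED_GLOBALS = {
    "collections.OrderedDict",
    "torch._utils._rebuild_tensor_v2", "torch._utils._rebuild_parameter",
    "torch.FloatStorage", "torch.HalfStorage", "torch.BFloat16Storage", "torch.LongStorage",
}
STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
# Opcodes that make the unpickler call something resolved from a global.
CALL_OPS = {"REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


@dataclass
class GateReport:
    scanned_members: list = field(default_factory=list)
    globals_seen: list = field(default_factory=list)
    disallowed: list = field(default_factory=list)
    call_opcodes: int = 0

    @property
    def safe(self) -> bool:
        return not self.disallowed


def _note_global(qualname: str, report: GateReport) -> None:
    report.globals_seen.append(qualname)
    if qualname not in ALLOWED_GLOBALS:
        report.disallowed.append(qualname)


def scan_pickle(data: bytes, report: GateReport) -> None:
    """Walk opcodes; track pushed strings and the memo so STACK_GLOBAL resolves."""
    memo, last, strings = {}, None, []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            last = arg
            strings.append(arg)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = last          # memoizes top of stack
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            last = memo.get(arg)            # reused module/name string
            if isinstance(last, str):
                strings.append(last)
        else:
            last = None
            if op.name in ("GLOBAL", "INST"):       # arg is "module name"
                module, name = arg.split(" ", 1)
                _note_global(f"{module}.{name}", report)
            elif op.name == "STACK_GLOBAL":         # last two strings pushed
                if len(strings) < 2:
                    raise ValueError("malformed STACK_GLOBAL")
                _note_global(f"{strings[-2]}.{strings[-1]}", report)
            if op.name in CALL_OPS:
                report.call_opcodes += 1


def gate_checkpoint(blob: bytes) -> GateReport:
    """Raw pickle, or torch.save's zip layout (archive/data.pkl): scan each .pkl member."""
    report = GateReport()
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for member in zf.namelist():
                if member.endswith(".pkl"):
                    report.scanned_members.append(member)
                    scan_pickle(zf.read(member), report)
    else:
        report.scanned_members.append("<raw pickle>")
        scan_pickle(blob, report)
    return report


def decide_loader(filename: str, blob: bytes) -> dict:
    """Assumed policy: safetensors needs no gate; pickle formats must pass the
    gate and are then opened only with torch.load(weights_only=True)."""
    if filename.endswith(".safetensors"):
        return {"allowed": True, "loader": "safetensors.torch.load_file", "kwargs": {}}
    report = gate_checkpoint(blob)
    if not report.safe:
        return {"allowed": False, "loader": None, "reason": f"disallowed globals {report.disallowed}"}
    return {"allowed": True, "loader": "torch.load",
            "kwargs": {"weights_only": True, "map_location": "cpu"},
            "evidence": {"members": report.scanned_members, "globals": report.globals_seen}}


# Constructed sample inputs (not real checkpoints).
class _Payload:
    """Constructed malicious object: unpickling it would call os.system."""
    def __reduce__(self):
        return (os.system, ("echo pwned",))


def _zip_checkpoint(state) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(state, protocol=4))
    return buf.getvalue()


def benign_checkpoint() -> bytes:
    return _zip_checkpoint(OrderedDict(fc_weight=[[0.1, 0.2], [0.3, 0.4]], fc_bias=[0.0, 0.0]))


def poisoned_checkpoint() -> bytes:
    return _zip_checkpoint(OrderedDict(fc_weight=[[0.1, 0.2]], hook=_Payload()))


if __name__ == "__main__":
    for label, blob in (("benign", benign_checkpoint()), ("poisoned", poisoned_checkpoint())):
        print(label, decide_loader("model.pt", blob))
```

The gate treats REDUCE with an allowlisted callable (OrderedDict rebuilding itself) as normal and records the count only as evidence; what fails a file is any global the allowlist does not name, which is also why the poisoned sample is rejected before torch is ever involved. weights_only=True remains the second line of defence at load time, not a substitute for the scan, since the gate is what produces the reviewable evidence.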

@github-actions github-actions Bot added the one-open-pr label (Contributor already has an open PR; only one allowed at a time) on Jun 15, 2026
@github-actions


Thanks for contributing! 🙏 To keep the queue reviewable, we allow one open PR per contributor at a time. You already have #2488 open, so we're closing this one — please reopen it after that PR is resolved.

@github-actions github-actions Bot closed this Jun 15, 2026
@malb200710-dev

Author

Updated/rebased this PR onto current main after it fell behind.

It now keeps the existing model-supply-chain v1.0.2 updates, bumps the skill to v1.0.3, and preserves the original #2288 coverage: serialization safety evidence, explicit weights_only / use_safetensors loader controls, trust_remote_code review, isolated safetensors conversion provenance, output reporting, and the unsafe-checkpoint conversion pitfall.


Labels

one-open-pr Contributor already has an open PR; only one allowed at a time

Development

Successfully merging this pull request may close these issues.

[REVIEW] model-supply-chain: add serialization safety evidence gates

1 participant