IMO the talk about safeguards is utter nonsense. The model will either find vulnerabilities for you or it won't. If it will then you can broadly use the findings as you see fit.

As I see it the primary issue is giving time for the ecosystem to adapt. Once models of a given level of capability have been applied to the majority of the common software in daily use it becomes reasonably safe to release such models publicly regardless of how they are used.