Use yaml.safe_load
diff --git a/buildkite/bazelci.py b/buildkite/bazelci.py
index e38161b..73f5043 100755
--- a/buildkite/bazelci.py
+++ b/buildkite/bazelci.py
@@ -565,17 +565,17 @@
 def load_config(http_url, file_config):
     if file_config is not None:
         with open(file_config, "r") as fd:
-            return yaml.load(fd)
+            return yaml.safe_load(fd)
     if http_url is not None:
         return load_remote_yaml_file(http_url)
     with open(".bazelci/presubmit.yml", "r") as fd:
-        return yaml.load(fd)
+        return yaml.safe_load(fd)
 
 
 def load_remote_yaml_file(http_url):
     with urllib.request.urlopen(http_url) as resp:
         reader = codecs.getreader("utf-8")
-        return yaml.load(reader(resp))
+        return yaml.safe_load(reader(resp))
 
 
 def print_collapsed_group(name):