Thanks for the tip; I looked briefly into Storable and it appears it does use eval internally. From the documentation:
Since Storable version 2.05, CODE references may be serialized with the help of B::Deparse. To enable this feature, set $Storable::Deparse to a true value. To enable deserializazion, $Storable::Eval should be set to a true value. Be aware that deserialization is done through eval, which is dangerous if the Storable file contains malicious data. You can set $Storable::Eval to a subroutine reference which would be used instead of eval. See below for an example using a Safe compartment for deserialization of CODE references.
Still useful, but subject to the caveats with any use of eval.