I don't know much about SIM-cards, but in general I would say, no, it's not safe. First there's the possibility of a problem with the phones interface to the SIM-card (possibility of direct exploitation) -- secondly, it's the possibility of putting "other stuff" on the SIM-card.

A friend of mine implemented a wifi-posistioning system that got power from the phone's GSM signals (it wasn't using a full wifi stack, just enough to broadcast an 802.11b frame that access points could pick up and triangulate). It was used for positioning in museums, and the phones where used for guiding information (so it wasn't a malicious hack) -- but it does illustrate that there are many possibilities.

Put a flash storage chip on there, and record all GSM traffic for example?

It won't harm the phone, but it won't work either. You can find generic SIM card that you can program yourself, but that's not what is used in a phone. Your phone will only work with a SIM card embedding specific applications called SIM for 2G (that's where the name comes from as you see, the physical thingy is named UICC) or USIM for 3G/LTE. And this application embeds security components that will authenticate the card to the operator, either as a direct customer or as a customer of another telco which is a roaming partner. If this authentication fails, you'll have no access. If there's no valid SIM or USIM application your phone modem won't do anything with the card.

I can't guarantee there's no risk. But in Europe there are hundreds of virtual network operators - dozens in most countries - and I've never heard of any cases of operators (or anyone working for them) "messing with" sim cards, and people here newer think twice about switching sims.