Use BLAKE3 instead of MD5, which is broken
The hashes are only used to check that you did everything correct. It doesn't matter for this purpose if the hash algorithm is secure or not. It is assumed you trust the source you got LLaMA from and trust this repository. The reason most are using md5 is because it's fast and preinstalled on most Linux distributions as md5sum. sha256sum is preinstalled as well but it's slower. Modern not widely adopted hash algorithms like blake3 are not preinstalled. It's worth mentioning that md5 is only broken in the sense that an attacker can generate 2 documents with the same checksum but not in the sense that for a given document an attacker can create a different document with the same checksum. So md5 still secure for the purpose of preventing someone from replacing a file with a malicious one but I would not recommend ever using such a weak hash algorithm for this purpose.