Edit NO
It cannot hide. Developer of Magisk says in his tweet, after the latest Google update
Q6: Is MagiskHide meaningless now?
A6: It depends on your expectation. MagiskHide is still effective to hide anything in userspace, but is no longer capable of spoofing bootloader/verified boot status.
To put it simply, we can still hide "root", but not the bootloader status.
(Emphasis added)
For more details see this XDA blog shared by Robert (thanks)
Also see Magisk will fail Safety-Net hereafter. Why?
Answer below is not pertinent, but retained for context
Safety-Net Vs Magisk is a typical cat and mouse game. But thankfully, most of the time Magisk is one step ahead. So, to answer your title yes, most of the time but not always
Safety Net being tripped is not just because of boot loader being unlocked. There is more to it. From Magisk and MagiskHide Installation and Troubleshooting guide by XDA developer didgeridoohan's excellent guide
What triggers SafetyNet?
There are two parts to the SafetyNet check, CTS Profile and Basic Integrity.
Examples of when ctsProfileMatch will report as false (failed):
Uncertified device (the manufacturer haven't applied for Google certification)
Unlocked bootloader
Custom ROM
Signs of system integrity compromise (rooting, etc)
Signs of other attacks (Xposed, EdXposed, etc)
Examples of when basicIntegrity will report as false (failed):
Signs of system integrity compromise (rooting, etc)
Signs of other attacks (Xposed, EdXposed, etc)@
@ EdXposed does not trip safety net. Guide has not been updated
This is where Magisk comes to rescue
Magisk can hide
- Magisk and most modules (it depends on what the module does).
*MagiskSU
Unlocked bootloader.
Permissive SELinux (most of the time. There have been reports that a permissive SELinux triggers SafetyNet even with MagiskHide enabled).
Some prop values (see "Sensitive props").
The Magisk Manager (separate option in the Manager settings).
Magisk has an option of Magisk Hide. You need to select your banking and any other apps to prevent them from seeing root. Also from Magisk Manager, hide the manager to prevent apps detecting root.
Note: Some banking apps may detect root despite passing safety net. Refer to the guide for help to fix such situations. Ver 20.1 of Magisk has sophisticated techniques to prevent this, so such incidents should be rare
Magisk itself allows you to verify your safety net status as shown
(Click to enlarge)
Also see What Magisk can't hide for more information
Caution : It's best to keep Magisk and yourself updated with Magisk Github developments so that you minimize the risk
(and your device threads on XDA) . I have been using Magisk and EdXposed on Android 9 and 10 but never faced the issue of safteynet being tripped YMMV
Another useful resource is Magisk Documentation by topjohnwu, developer of Magisk