Security: restrict API model loading args to UI-exposed parameters

The /v1/internal/model/load endpoint previously allowed setting any
shared.args attribute, including security-sensitive flags like
trust_remote_code. Now only keys from list_model_elements() are accepted.

extensions/openai/models.py

@@ -1,4 +1,4 @@
-from modules import shared
+from modules import shared, ui
 from modules.logging_colors import logger
 from modules.LoRA import add_lora_to_model
 from modules.models import load_model, unload_model
@@ -46,9 +46,13 @@ def _load_model(data):
     update_model_parameters(model_settings)
 
     # Update shared.args with custom model loading settings
+    # Security: only allow keys that correspond to model loading
+    # parameters exposed in the UI. Never allow security-sensitive
+    # flags like trust_remote_code to be set via the API.
+    allowed_keys = set(ui.list_model_elements())
     if args:
         for k in args:
-            if hasattr(shared.args, k):
+            if k in allowed_keys and hasattr(shared.args, k):
                 setattr(shared.args, k, args[k])
 
     shared.model, shared.tokenizer = load_model(model_name)