diff --git a/extensions/openai/models.py b/extensions/openai/models.py
index 74f9dbee..d6ef119d 100644
--- a/extensions/openai/models.py
+++ b/extensions/openai/models.py
@@ -48,8 +48,9 @@ def _load_model(data):
 # Update shared.args with custom model loading settings
 # Security: only allow keys that correspond to model loading
 # parameters exposed in the UI. Never allow security-sensitive
- # flags like trust_remote_code to be set via the API.
- allowed_keys = set(ui.list_model_elements())
+ # flags like trust_remote_code or extra_flags to be set via the API.
+ blocked_keys = {'extra_flags'}
+ allowed_keys = set(ui.list_model_elements()) - blocked_keys
 if args:
 for k in args:
 if k in allowed_keys and hasattr(shared.args, k):
diff --git a/modules/utils.py b/modules/utils.py
index 7ab4a554..203d2d9c 100644
--- a/modules/utils.py
+++ b/modules/utils.py
@@ -27,21 +27,14 @@ def sanitize_filename(name):


 def _is_path_allowed(abs_path_str):
- """Check if a path is under the project root or the configured user_data directory."""
+ """Check if a path is under the configured user_data directory."""
 abs_path = Path(abs_path_str).resolve()
- root_folder = Path(__file__).resolve().parent.parent
 user_data_resolved = shared.user_data_dir.resolve()
- try:
- abs_path.relative_to(root_folder)
- return True
- except ValueError:
- pass
 try:
 abs_path.relative_to(user_data_resolved)
 return True
 except ValueError:
- pass
- return False
+ return False


 def save_file(fname, contents):
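Review bot: The comment above `blocked_keys` names both trust_remote_code and extra_flags, but the set contains only `'extra_flags'`, so trust_remote_code is kept out only if `ui.list_model_elements()` happens not to return it, which this hunk does not show. Since this is the point where API-supplied keys are written into `shared.args`, I would list both explicitly, `blocked_keys = {'extra_flags', 'trust_remote_code'}`, so the guarantee stated in the comment holds regardless of what the UI list contains. A denylist subtracted from a UI-driven list also means every model element added later becomes API-settable by default; a fixed allowlist for the API would fail closed instead. `_load_model` starts and ends outside the hunk.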
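Review bot: The containment check in `_is_path_allowed` is made on the resolved path, but the function returns only a boolean, so whether that symlink-aware result governs the later file operation depends on callers such as `save_file`, whose body is outside this hunk. If a caller opens the original string rather than the resolved path, a symlink under user_data that changes between check and use would not be caught; the docstring should state that symlinks are resolved and that callers are expected to operate on the resolved path. The check also accepts `user_data_dir` itself, which is worth stating in the docstring as well. As a style point, the try/except can be replaced by `return abs_path.is_relative_to(user_data_resolved)` on Python 3.9+.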