#9583: fix(models): allow models in agents.defaults.models even if not in catalog

## Summary Models explicitly listed in `agents.defaults.models` are now always allowed, even if they're not in the static model catalog or provider config. This fixes subagent model overrides for providers like `google-antigravity` that use OAuth-based auth and dynamic model discovery. ## Problem When using `sessions_spawn` with a model parameter or configuring `agents.defaults.subagents.model`, the model override was being rejected with "model not allowed" even though the model was explicitly listed in `agents.defaults.models`. The `buildAllowedModelSet` function required models to either: 1. Be a CLI provider 2. Exist in the static model catalog 3. Have the provider configured in `models.providers` For OAuth-based providers like `google-antigravity` that use dynamic model discovery, models don't appear in the static catalog and the provider isn't in `models.providers`, causing the allowlist check to fail. ## Solution Added a fallback case in `buildAllowedModelSet` that adds any model explicitly listed in `agents.defaults.models` to the allowed set, regardless of catalog/provider status. ## Testing - Added unit tests for the edge cases - All existing model-selection tests pass Fixes #6295 <!-- greptile_comment --> <h2>Greptile Overview</h2> <h3>Greptile Summary</h3> This PR changes model allowlist construction so that any model explicitly listed in `agents.defaults.models` is considered allowed even when it’s missing from the static model catalog and the provider isn’t configured in `models.providers`. This addresses subagent model overrides for dynamically-discovered/OAuth providers like `google-antigravity`. The main functional change is in `src/agents/model-selection.ts` (`buildAllowedModelSet`) which now falls back to adding the parsed allowlist key unconditionally. The PR also adds new Vitest coverage around these edge-cases and around session-store-based model overrides. <h3>Confidence Score: 3/5</h3> - This PR is close to mergeable, but the added tests currently contain failures/noise that should be fixed first. - Core logic change in `buildAllowedModelSet` is straightforward and matches the described intent, but at least one newly added test asserts the pre-fix behavior (will now fail) and there are unused imports/debug logs that commonly break CI or add noise. I couldn’t run the test suite locally in this environment (pnpm not available), so confidence is reduced until CI is green. - src/agents/openclaw-tools.subagents.model-allowlist.test.ts, src/agents/model-selection.edge-cases.test.ts <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->