docs: expand providerAllowlist and document model field in customization guide

[jkim323]

Pull Request

Description

Updates model governance documentation and the model catalog to accurately reflect that accepted
models are driven by the providerAllowlist in model-catalog.json rather than a hardcoded
provider restriction. Adds model frontmatter field documentation to the user-facing
customization guide.

Following changes made:
Model catalog (scripts/linting/model-catalog.json)

• Added Google and xAI to providerAllowlist, aligning the allowlist with providers that
  already have models in the catalog (Gemini 2.5 Pro, Gemini 3 Flash, Gemini 3.1 Pro, Grok Code
  Fast 1).

Contributing docs (docs/contributing/)

• custom-agents.md — Rewrote "Model Version Requirements" section to reference
  providerAllowlist as the source of truth instead of stating "Anthropic and OpenAI only."
• ai-artifacts-common.md — Same update to the shared model requirements section; removed
  hardcoded provider table in favor of dynamic catalog reference.

Customization guide (docs/customization/custom-agents.md)

• Added model row to the Frontmatter Reference table.
• Added ### model section with single-string and prioritized-array format examples,
  fast-tier guidance for subagents, and a pointer to npm run lint:models for validation.

Related Issue(s)

Fixes #1945 #2010 #1764 #1974 #1975

Type of Change

Select all that apply:

Code & Documentation:

• Bug fix (non-breaking change fixing an issue)
• New feature (non-breaking change adding functionality)
• Breaking change (fix or feature causing existing functionality to change)
• Documentation update

Infrastructure & Configuration:

• GitHub Actions workflow
• Linting configuration (markdown, PowerShell, etc.)
• Security configuration
• DevContainer configuration
• Dependency update

AI Artifacts:

• Reviewed contribution with prompt-builder agent and addressed all feedback
• Copilot instructions (.github/instructions/*.instructions.md)
• Copilot prompt (.github/prompts/*.prompt.md)
• Copilot agent (.github/agents/*.agent.md)
• Copilot skill (.github/skills/*/SKILL.md)

Note for AI Artifact Contributors:

• Agents: Research, indexing/referencing other project (using standard VS Code GitHub Copilot/MCP tools), planning, and general implementation agents likely already exist. Review .github/agents/ before creating new ones.
• Skills: Must include both bash and PowerShell scripts. See Skills.
• Model Versions: Only contributions targeting the latest Anthropic and OpenAI models will be accepted. Older model versions (e.g., GPT-3.5, Claude 3) will be rejected.
• See Agents Not Accepted and Model Version Requirements.

Other:

• Script/automation (.ps1, .sh, .py)
• Other (please describe):

Sample Prompts (for AI Artifact Contributions)

User Request:

Execution Flow:

Output Artifacts:

Success Indicators:

For detailed contribution requirements, see:

• Common Standards: docs/contributing/ai-artifacts-common.md - Shared standards for XML blocks, markdown quality, RFC 2119, validation, and testing
• Agents: docs/contributing/custom-agents.md - Agent configurations with tools and behavior patterns
• Prompts: docs/contributing/prompts.md - Workflow-specific guidance with template variables
• Instructions: docs/contributing/instructions.md - Technology-specific standards with glob patterns
• Skills: docs/contributing/skills.md - Task execution utilities with cross-platform scripts

Testing

Checklist

Required Checks

• Documentation is updated (if applicable)
• Files follow existing naming conventions
• Changes are backwards compatible (if applicable)
• Tests added for new functionality (if applicable)

AI Artifact Contributions

• Used /prompt-analyze to review contribution
• Addressed all feedback from prompt-builder review
• Verified contribution follows common standards and type-specific requirements

Required Automated Checks

The following validation commands must pass before merging:

• Markdown linting: npm run lint:md
• Spell checking: npm run spell-check
• Frontmatter validation: npm run lint:frontmatter
• Skill structure validation: npm run validate:skills
• Link validation: npm run lint:md-links
• PowerShell analysis: npm run lint:ps
• Plugin freshness: npm run plugin:generate
• Docusaurus tests: npm run docs:test

Security Considerations

• This PR does not contain any sensitive or NDA information
• Any new dependencies have been reviewed for security issues
• Security-related scripts follow the principle of least privilege

Additional Notes

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.82%. Comparing base (a847cfa) to head (7d86361).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2014      +/-   ##
==========================================
- Coverage   80.82%   80.82%   -0.01%     
==========================================
  Files         117      117              
  Lines       19095    19100       +5     
==========================================
+ Hits        15433    15437       +4     
- Misses       3662     3663       +1     

Flag	Coverage Δ
pester	84.64% <ø> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[katriendg]

Thank you! LGTM

[rezatnoMsirhC]

Overall LGTM

[WilliamBerryiii]

Small nit on spelling and model inclusion