Use a safe YAML loader for pretrained configs while preserving tuple support#59

Open
praneethhere wants to merge 1 commit into
facebookresearch:mainfrom
praneethhere:fix/safer-config-loader

Conversation

@praneethhere

Summary

This PR hardens pretrained-config loading in TribeModel.from_pretrained().

Today the code reads config.yaml with yaml.UnsafeLoader:

# tribev2/demo_utils.py:205
config = ConfDict(yaml.load(f, Loader=yaml.UnsafeLoader))

UnsafeLoader constructs arbitrary Python objects from YAML tags such as
!!python/object/new:os.system [...], which means a malicious or
tampered config.yaml (local file or downloaded from a Hub repo) can
execute code at load time.

This PR replaces that call with a yaml.SafeLoader subclass that
explicitly opts in to only the !!python/tuple tag, which is the
single Python-specific tag known to be used by published TRIBE configs.
All other Python-specific tags (python/object, python/object/new,
python/name, python/module, …) are rejected by the safe base class.

Changes

  • Add tribev2/config_utils.py with a TribeConfigLoader (SafeLoader
    subclass) and a load_config() helper.
  • Replace the unsafe call site in tribev2/demo_utils.py.
  • Add regression tests in tests/test_config_utils.py covering:
    • loading the existing !!python/tuple pattern as a real tuple,
    • loading a config with no Python-specific tags,
    • rejecting !!python/object/new:os.system [...] payloads,
    • rejecting !!python/name:* lookups.

Why a custom subclass instead of yaml.safe_load

A drop-in yaml.safe_load(f) is what most lints suggest, but it would
break loading the currently published facebook/tribev2 config because
the existing config uses the !!python/tuple tag. The SafeLoader
subclass is the smallest change that keeps the existing config working
while shutting the door on arbitrary code execution. The included tests
encode both halves of that contract.

Test plan

pytest -q tests/test_config_utils.py
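The loader design the PR describes, as an added, self-contained illustration (this is not the PR's code nor anything from the facebookresearch repository; the class name SafeTupleLoader, the helper load_config(), and the sample YAML documents are all constructed for this example). It registers a single constructor for the python/tuple tag on a yaml.SafeLoader subclass, then shows that a tuple-bearing config loads as a real tuple, that plain yaml.safe_load refuses that same config, and that python/object/new and python/name payloads are rejected before anything is constructed:

```python
"""Added example: a SafeLoader subclass that opts in to only !!python/tuple.

Not code from the PR or the project. Assumed (hypothetical) names:
SafeTupleLoader, load_config(), is_rejected(), plain_safe_load_rejects().
The YAML documents below are constructed for this example.
"""

import yaml
from yaml.constructor import ConstructorError


class SafeTupleLoader(yaml.SafeLoader):
    """SafeLoader plus the python/tuple tag.

    SafeLoader knows no python/* tags at all. Every tag it has no
    constructor for falls through to SafeConstructor.construct_undefined,
    which raises ConstructorError, so only the constructor registered
    below is ever reachable. add_constructor() copies the constructor
    table onto the subclass, so yaml.SafeLoader itself is left untouched.
    """


def _construct_python_tuple(loader, node):
    # !!python/tuple is a sequence node; deep=True resolves any nested
    # (safe) nodes before the sequence is frozen into a tuple.
    return tuple(loader.construct_sequence(node, deep=True))


SafeTupleLoader.add_constructor(
    "tag:yaml.org,2002:python/tuple", _construct_python_tuple
)


def load_config(text):
    """Parse a config document with the restricted loader."""
    return yaml.load(text, Loader=SafeTupleLoader)


def is_rejected(text):
    """True if SafeTupleLoader refuses the document with ConstructorError."""
    try:
        load_config(text)
    except ConstructorError:
        return True
    return False


def plain_safe_load_rejects(text):
    """True if the drop-in yaml.safe_load would refuse the document."""
    try:
        yaml.safe_load(text)
    except ConstructorError:
        return True
    return False


# Constructed sample in the shape of a config that uses the tuple tag.
BENIGN_CONFIG = """\
model:
  name: demo
  image_size: !!python/tuple [224, 224]
  layers: [1, 2, 3]
"""

# Constructed payloads: both execute code under yaml.UnsafeLoader.
OBJECT_NEW_PAYLOAD = 'cmd: !!python/object/new:os.system ["echo pwned"]\n'
NAME_PAYLOAD = "fn: !!python/name:os.system\n"


if __name__ == "__main__":
    cfg = load_config(BENIGN_CONFIG)
    print("image_size:", cfg["model"]["image_size"],
          type(cfg["model"]["image_size"]).__name__)
    print("yaml.safe_load rejects the tuple config:",
          plain_safe_load_rejects(BENIGN_CONFIG))
    print("object/new payload rejected:", is_rejected(OBJECT_NEW_PAYLOAD))
    print("python/name payload rejected:", is_rejected(NAME_PAYLOAD))
```

Two points worth checking when reviewing a loader like this: the constructor must be registered on the subclass (calling yaml.SafeLoader.add_constructor would widen the global SafeLoader for every caller), and the rejection is a ConstructorError raised during construction, so a caller that wants a clean failure mode should catch that type rather than relying on the config being partially loaded.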

@meta-cla bot added the CLA Signed label on Apr 30, 2026