I understand the problem you're trying to solve. Have you looked into configuring permissions for harnesses like Claude Code? I believe achieving what you want is possible with something like `.claude/settings.json` via something like:

  {
    "permissions": {
      "allow": [
        "Read(**/*.rs)",
        "Edit(**/*.rs)",
        "Write(**/*.rs)"
      ],
      "deny": [
        "Bash",
        "PowerShell"
      ]
    }
  }