Is there an ability to restricts commands that kubectl exec could run?

[renta]

We want to use BotKube as some sort of shell for the cluster to run kubectl exec ... commands in the container without granting a full access to the cluster. Correct me if I'm wrong, but now https://www.botkube.io/configuration/#resource-config-yaml-syntax allows to restrict only high-level kubectl API (ex. allow to run only describe and logs in the cluster). But as we want to allow to execute exec command, we want to restrict binaries that BotKube will have ability to run to not to allow full shell access to the containers.

We thought that BotKube filters will allow us to interact with user input, examine and filter it, but according to the documentation and project architecture page it is suitable for filtering events from the cluster but not an input to the cluster.

It would be nice to have such a feature but maybe I've missed something and there is a solution?