Comment by duncanbeevers

Lavamoat purports to do this. https://lavamoat.github.io/

There has been some promising prior research such as BreakApp attempting to mitigate unusual supply-chain compromises such as denial-of-service attacks targeting the CPU via pathological regexps or other logic-bomb-flavored payloads.