> to prevent the HSM from being used by anything without my overt permission

That sounds quite doable? Basic sandboxing (flatpak/snap/whatever) and not assigning the tss group to system daemons will do that for you.