With the introduction of AllowKey and DenyKey on the agents (ZBXNEXT-1085) we have a lot better control about what is and what is not allowed there.

On the proxy side, this is not available yet, and the 'EnableRemoteCommands' parameter is still present.

It would be a massive improvement if we can limit remotecommands on the proxy side as well.