It would be nice to have a feature that allows cloud customers to prevent jobs from accessing certain domains or URLs that match a given pattern.

Alternatively, we could prevent jobs from accessing any domain or URL that doesn't match an allowed pattern -- this may be a smaller list as the piplines may only need to access GitHub repos and known image repos.