While I agree with the desire to make it safe by default, I also see why you don’t want to do that.
What do you think of adding feature keynames to the spec, and then also defining a few common “modes” in the spec that define a whitelist or blacklist of features? I just wrote up a propose for this in Standard keyname for features