Their application/UI could avoid giving them that option. if they went around that and used the feed as a normal identity anyway, they could do that.

That isn't good security design, it's much better to have a protocol that has well-defined behaviour, and not rely on the implementation being correct.

I have two ideas which might improve this model though:

There could be a way to terminate a feed - probably just set a property msg.terminal = true and after receiving a valid message with that, ssb does not replicate any more messages from them. Maybe a temp feed has to have a migrate message (directs to a new feed) which is also a terminal.

Another option, would be when following a temp feed, you'd follow it only for a specific number of messages - then if they start using it wrong, it would just unfollow them from the invitee