Might be worth looking into immutable distros (nix, guix) and their home management systems, or containerised apps (flatpak, where you can inject config). A lot of tools are hardcoded to non standard locations so it’s kind of a losing battle by default. A similar strategy would be to use permissions or mount certain folders as read only.
Yay more options
Highly recommended a yaml “linter” :)