Wrapper around the function call. Don't give it the token itself but a limited set of fixed functions to create domains (their use case according to the post).

Additionally give it a similar restricted way to "delete" domains while actually hiding them from you. If you are very paranoid throw in rate limits and/or further validation. Hard limits.

Yes this requires more code and consideration but well that's what the tools can be fully trusted with.