
Intercepting filesystem calls of other processes on macOS Ventura


There are various ways to monitor filesystem access on macOS Ventura, like FSEvents or the new Endpoint Security system extension framework.

Is there a way to intercept and potentially prevent a filesystem call of another process? Similarly to how Little Snitch intercepts network connection attempts and prompts a user to allow or deny that connection, but for files.

Example:

  1. User launches a program that monitors and intercepts all filesystem calls by other processes, let's call it "FSMonitor"
  2. Then I run another program that executes open("data.txt", "r"), let's call it "MalwareX"
  3. FSMonitor immediately intercepts that call and prompts the user to allow or deny it before it lets MalwareX proceed. Note that MalwareX should not be able to read the "data.txt" file before the user clicks "allow"
  4. The user clicks "deny" and MalwareX gets an error instead of a file descriptor

I suppose it can be done via a kernel extension (kext), but it requires lifting System Integrity Protection and is generally going to be deprecated in the future in favor of System Extensions.

My question is, can it be done via currently supported macOS system frameworks and tools?


Solution

  • The Endpoint Security framework you already mention fills this role. Each kind of event message has an action_type of either "AUTH" or "NOTIFY." If it's "AUTH", the event must be authorised (or denied) by your endpoint security system extension, using es_respond_auth_result or es_respond_flags_result as appropriate.

    ("Notify" type events are merely informational; you can't block them.)
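A minimal client along the lines of that answer, added here as an example (not code from the answer or from Apple): it subscribes to the AUTH_OPEN and AUTH_UNLINK events and answers each with the two respond calls named above, so a process opening the protected file gets an error rather than a descriptor. The protected path, the fixed deny-by-path policy standing in for a user prompt, and the helper name `authorisedOpenFlags` are assumptions for illustration; running it needs the `com.apple.developer.endpoint-security.client` entitlement, root, and Full Disk Access.

```swift
import EndpointSecurity
import Foundation

// Constructed for this example: a stand-in for the user prompt in the question.
// A real FSMonitor would ask the user instead of consulting a fixed path.
let protectedPath = "/Users/Shared/data.txt"

/// Flags this client authorises for an AUTH_OPEN of `path`.
/// 0 denies the open outright, so the caller's open(2) fails instead of
/// returning a file descriptor; UInt32.max authorises every requested flag.
func authorisedOpenFlags(for path: String) -> UInt32 {
    return path == protectedPath ? 0 : UInt32.max
}

var maybeClient: OpaquePointer?
let creation = es_new_client(&maybeClient) { client, message in
    // AUTH messages must be answered before message.pointee.deadline (a
    // mach_absolute_time value) or Endpoint Security terminates the client.
    // A prompt that waits on the user therefore belongs on another thread,
    // working on an es_retain_message() copy and responding from there.
    switch message.pointee.event_type {
    case ES_EVENT_TYPE_AUTH_OPEN:
        let path = String(cString: message.pointee.event.open.file.pointee.path.data)
        // cache=false: the verdict depends on the path and may change per prompt.
        es_respond_flags_result(client, message, authorisedOpenFlags(for: path), false)
    case ES_EVENT_TYPE_AUTH_UNLINK:
        // Events without a flags mask use the plain allow/deny variant.
        let target = String(cString: message.pointee.event.unlink.target.pointee.path.data)
        let verdict = target == protectedPath ? ES_AUTH_RESULT_DENY : ES_AUTH_RESULT_ALLOW
        es_respond_auth_result(client, message, verdict, false)
    default:
        break // NOTIFY events (not subscribed here) would need no response.
    }
}

guard creation == ES_NEW_CLIENT_RESULT_SUCCESS, let esClient = maybeClient else {
    // Typical causes: missing com.apple.developer.endpoint-security.client
    // entitlement, not running as root, or Full Disk Access not granted.
    fatalError("es_new_client failed: \(creation)")
}

let events = [ES_EVENT_TYPE_AUTH_OPEN, ES_EVENT_TYPE_AUTH_UNLINK]
guard es_subscribe(esClient, events, UInt32(events.count)) == ES_RETURN_SUCCESS else {
    fatalError("es_subscribe failed")
}
dispatchMain() // Keep the process alive; the handler runs on ES's own queue.
```

Subscribing only to the AUTH variants keeps the client out of the NOTIFY stream; the same handler can also receive NOTIFY_* events, which are simply not answered.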