Unfortunately no... Well, you have the standard private/protected/etc... for the C++ parts. But I suspect it would not be difficult to get around those. The basic API has basic pre-defined functions, but for the more complex types (such as storage engines) you need to include some aspects of the original MySQL source code when compiling.
The original idea of the MySQL Plugin API was to make it easier for people who already (or intend to) hack in raw code to the MySQL source. So the plugin is dynamically linked in like any other library, and if it crashes then the MySQL daemon crashes.
I suspect (without any firm evidence) that the kind of security you are talking about would have a significant performance trade-off.
It should also be noted that (at the moment) the plugins need to be compiled specifically for your version of MySQL, so in most cases you will see the source first. There is the initial work for 'services' which will end the need for this in many cases in MySQL 5.5 and MariaDB and this is talked about in the Appendix.
I hope that kind of answers your question there :)