In my company, we use separate Data Loss Prevention Policies in separate environments. We often have the case that we would like to restrict Flow triggers more than flow actions.
E.g. in our default environment we would like to allow only SharePoint triggers but not Outlook triggers, because we suspect misuse of Power Automate as extended personal Outlook rule machine, which could quickly eat up our monthly Flow contingent. Outlook actions, though, should be possible inside a flow to inform people via e-mail.
In another environment - for corporate communication - we would possibly allow Twitter as a trigger to start flows on messages about our company, but we would not allow further Twitter actions, especially not posting to Twitter...
To date this is not possible - if the actions are in "Business Data allowed", the triggers are too. Thus we would like to see a separation between triggers and actions in the Data Loss Prevention Policies.