Is there a way for jenkins agent to restrict commands that is accepted from controller?
The need is in situations that controller is not totally trusted, or the server that agent is running on is also used for other purposes
No, the agent trusts the controller.
But you could make the server run the agent as a user who has minimal permissions on directories not related to Jenkins, perhaps even in a chroot jail or container.