Restricting JQL filtering in addon to a single project

I have an addon that aggregates to-do items from issues and shows them on a project-level.
I am looking at adding JQL filtering to the project-level screens to allow users to filter the results based on their needs.

I am curious, are there any established guidelines for how to do this from a visual and usability perspective?

Specifically, I am struggling with the notion that a user could enter a JQL query that references content outside the current project (via the JQL project parameter), which might be subject to different permissions, settings, or other restrictions.
I am not sure how to prevent the user from doing that while still providing the flexibility that JQL gives, and simply filtering out content from other projects behind the scenes seems like poor usability.

Any suggestions greatly appreciated.