Continuing the discussion from Introducing single-space guests beta in Confluence Cloud!:
This is a quote from the announcement of the feature. To me it seems like blocking guest users goes against what they stated in the beginning.
We put quite a lot of effort as a team to make sure that guest users could use our “frontend only” app which relies on the AP library to get the content it needs. In fact, in order for guest users to work with the app, an admin user would have to enable “anonymous access” for some specific spaces where we store data, otherwise the request sent through AP would not return anything. “anonymous access” would only need to be enabled for the space not the Confluence, to avoid any confusion. So in this case, the admin would be responsible for deciding if they want guest users to use app or not 