Prevent removal, dissabling, enabling and installation of themes or plugins

lock-admin.php

<?php
/**
 * Plugin Name: Lock Admin Area
 * Plugin URI: https://example.com/my-awesome-plugin
 * Description: This plugin prevents plugin and theme management, it should be used in conjunction with preventing file editing from WP
 * Version: 1.0.0
 * Author: Thisbit
 * Author URI: https://example.com
 * License: GPL v2 or later
 * License URI: https://www.gnu.org/licenses/gpl-2.0.html
 * Text Domain: lock-admin
 **/

if ( ! defined( 'ABSPATH' ) ) die( 'Invalid request.' );
if ( 'production' !== wp_get_environment_type()) return;

// Remove install capabilities from the Administrator and Super Administrator role
function thisbit_remove_caps_from_roles() {
  $roles_to_modify = array('administrator', 'super_administrator');
  foreach ($roles_to_modify as $role_slug) {
    $role = get_role($role_slug);
    if ($role !== null) {
	    $role->remove_cap('install_themes');
	    $role->remove_cap('install_plugins');
	    $role->remove_cap('switch_themes');
    }
  }
}
add_action('init', 'thisbit_remove_caps_from_roles');

// Remove "Activate", "Deactivate" and "Delete" links for plugins in the admin area
function thisbit_remove_plugin_action_links($actions, $plugin_file, $plugin_data, $context) {
  if (!defined('WP_CLI')) {
    unset($actions['activate'], $actions['delete'], $actions['deactivate']);
  }
  return $actions;
}
add_filter('plugin_action_links', 'thisbit_remove_plugin_action_links', 10, 4);

This file HAS NOT BEEN TESTED ... it is purely an exploration as to how to lock down certain features from wp admin area. Use at your own peril :) no guarantees