What you want isn’t possible without doing it yourself.
For a VPN app to have an effective firewall/killswitch on Mac, it needs to run as root because pfctl requires sudo.
The network extension API property available to sandboxed VPN apps, includeAllNetworks is not a true firewall/killswitch because it leaks.
You can see that apple says it only sends most traffic over the tunnel:
What you can do is use a sandboxed VPN app (official wireguard client or passepartout should do the trick) and configure pfctl manually or with Murus.