I don’t see why nearby adversaries should be out of scope. It could be the user themselves making a mistake or some random person pressing buttons. It doesn’t necessarily have to be an advanced adversary.
Debian disables coredumps by default and we disable coredumps in security-misc for other distros.
https://github.com/Whonix/security-misc/blob/master/etc/security/limits.d/disable-coredumps.conf (there are a few other ways we disable them too)