Yes, I see where you are coming from now. This is a valid concern: if this is a shared infrastructure and you have several people developing policies and utilizing cache, it would be hard to monitor this. I do have a few comments regarding a few of your statements, but understand that this isn't a solution. I just want to clear up a few things.
You're most likely correct in regards to these caches being stored in heap, and how much space heap is allocated depends on how many resources the VM has. If 4GB or less, I think it uses 2GB as you stated, but if set up via best practices, as the VM has more than 4GB, the heap should be allocating anywhere from 1/2 to 2/3 of the host's memory, but adding more memory isn't the solution. If bad cache management practices continue to occur, it only delays the inevitable.
I've often 'fantasized' about a visual page showing me each cache and the configured properties and current utilization. This would be pretty nice. If you would like, you/I can create an Idea on Communities for something similar that fits your requirements and we can vote on it, which should get it put on Product Management's radar for consideration in a future release? I know this isn't an immediate fix, but it could work out well in the future.
As for a more immediate 'workaround', I think the way that I would approach this would be to monitor the JVM heap utilization. You can do this by requesting our 'Get JVM Metrics' assertion from Support. Once installed, you can use that assertion in a policy to display current heap utilization. With this info, you should be able to monitor this and maybe trigger certain actions to happen if the threshold maintains a certain level?
One of the triggers could be a restman call to modify the cluster-wide property 'messageCache.resetGeneration', which dumps all cache in the cluster, or just configure this to run on a regular interval instead of expecting the trigger from the JVM monitoring.
Other than this, the most I can say is that you can try to manage this procedurally via code review and having a sort of 'Governing Gateway Team' that reviews and approves what code is put into the next environment.
Hope my ramblings helped.
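
The workaround described in the post above (watch heap utilization and reset the message cache only if it stays over a threshold), sketched as an added example that is not part of the original post or of the gateway product. The readings are constructed, the threshold, sustain and cooldown values are assumptions, and `reset` is a hypothetical hook standing in for the restman call that changes `messageCache.resetGeneration`.

```python
# Added example: decide when a sustained high-heap condition should trigger a cache reset.
from typing import Callable, Iterable, List, Optional, Tuple

class HeapResetTrigger:
    """Fires only when heap use stays high long enough, and not more often than the cooldown."""

    def __init__(self, reset: Callable[[], None], threshold: float = 0.85,
                 sustain_s: int = 300, cooldown_s: int = 1800):
        self.reset = reset              # hypothetical hook: the restman property update
        self.threshold = threshold      # assumed: fraction of max heap counted as "high"
        self.sustain_s = sustain_s      # assumed: seconds it must stay high before acting
        self.cooldown_s = cooldown_s    # assumed: minimum seconds between cluster-wide resets
        self._high_since: Optional[int] = None
        self._last_reset: Optional[int] = None

    def observe(self, ts: int, used_mb: int, max_mb: int) -> bool:
        """Feed one heap reading; returns True if this reading triggered a reset."""
        if max_mb <= 0:
            raise ValueError("max heap must be positive")
        if used_mb / max_mb < self.threshold:
            self._high_since = None     # a dip below the threshold restarts the clock
            return False
        if self._high_since is None:
            self._high_since = ts
        if ts - self._high_since < self.sustain_s:
            return False                # short spike, e.g. just before a GC cycle
        if self._last_reset is not None and ts - self._last_reset < self.cooldown_s:
            return False                # last reset did not help; don't keep flushing caches
        self.reset()
        self._last_reset, self._high_since = ts, None
        return True

def replay(samples: Iterable[Tuple[int, int]], max_mb: int, **kw) -> List[int]:
    """Run constructed readings through the trigger; return timestamps where it fired."""
    calls: List[int] = []
    trig = HeapResetTrigger(reset=lambda: calls.append(1), **kw)
    fired = [ts for ts, used in samples if trig.observe(ts, used, max_mb)]
    assert len(calls) == len(fired)
    return fired

# Constructed readings (seconds, used MB) for an 8192 MB heap: a short spike, then a plateau.
SAMPLES = [(0, 5000), (60, 7200), (120, 7300), (180, 6000)] + \
          [(t, 7400) for t in range(240, 1201, 60)]

if __name__ == "__main__":
    print(replay(SAMPLES, 8192))                  # default 30-minute cooldown
    print(replay(SAMPLES, 8192, cooldown_s=600))  # shorter cooldown allows a second reset
```

Because the reset dumps every cache in the cluster, the cooldown matters: if heap stays high after a reset, the cause is probably not the message cache, and repeated flushes only add backend load.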