I don’t know the use cases you may be finding for sudo to be needed. Could you give a few examples? It may be easier to reason and maybe create these best practices.
The only reference to best practices I found is here: Home · leggedrobotics/ros_best_practices Wiki · GitHub (linked from BestPractices - ROS Wiki)
- Don’t use sudo in wrapper packages.
- Don’t require manual system wide installations.