I gave core shards their own list in the product GNI files to make them as visible as possible (it's a small, independent list, instead of needing to dig through the package sets and their dependencies like sysmgr configs). It's clearly not perfect though :)
I'm not a GN expert, but if there were a GN incantation to print out the contents of core_realm_shards then it could be used to show you the set of shards included on a given product. Also after building, the post-merge version of the core realm's CML can be found at ${FUCHSIA_OUT_DIR}/obj/core.cml
As far as avoiding issues hidden by capability routes through appmgr, I wonder if we could have appmgr panic if it sees an incoming service for the sys realm include something that is also in sysmgr's svc directory. It would be a signal that the origin of the capability is muddied, there are alleged providers in both the modern and legacy stacks.