I think you are confusing the BNF grammar definition of a command alias with the actual syntax:
    Alias ::= 'User_Alias'  User_Alias (':' User_Alias)* |
              'Runas_Alias' Runas_Alias (':' Runas_Alias)* |
              'Host_Alias'  Host_Alias (':' Host_Alias)* |
              'Cmnd_Alias'  Cmnd_Alias (':' Cmnd_Alias)*
    User_Alias ::= NAME '=' User_List
    Runas_Alias ::= NAME '=' Runas_List
    Host_Alias ::= NAME '=' Host_List
    Cmnd_Alias ::= NAME '=' Cmnd_List
    NAME ::= [A-Z]([A-Z][0-9]_)*
Each alias definition is of the form
    Alias_Type NAME = item1, item2, ...
The asterisk here means that you can have zero or more ':' Cmnd_Alias entries.
Also note that the "," is to separate commands in a command list. An Alias list has aliases separated with colons.
Also look in the manpages and documentation for programs like vim and less. They can be configured to not allow the shell escape. For example, allowing rvim or grvim to be run as root but not vim. These will run vim in a more secure mode without the shell escape. Only allowing the more restrictive versions of these programs may be an easier way to go, but there will be a number of holes to plug.
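The colon and comma rules from the grammar above, written out as a sudoers fragment. This is an added example, not part of the original post; the alias names, the user name alice and the command paths are assumptions.

```sudoers
# Constructed example: alias names, user name and paths are assumptions.

# One Cmnd_Alias line carrying two alias definitions.
#   ':' separates one alias definition from the next
#   ',' separates the commands inside a single Cmnd_List
Cmnd_Alias RESTRICTED_EDITORS = /usr/bin/rvim, /usr/bin/rview : \
           LOG_READERS = /usr/bin/tail, /usr/bin/head

# The same two aliases written with zero ':' continuations,
# one definition per line:
# Cmnd_Alias RESTRICTED_EDITORS = /usr/bin/rvim, /usr/bin/rview
# Cmnd_Alias LOG_READERS = /usr/bin/tail, /usr/bin/head

# alice may run only the restricted editor variants and the log readers
# as root. Plain vim is not in any list, so it is not permitted.
alice ALL = (root) RESTRICTED_EDITORS, LOG_READERS
```

Check the file with `visudo -cf <file>` before installing it, so a syntax error is caught before sudo reads it.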