If I understand right, introduction points are accessed by the hidden service with a tor circuit, just like as if you use Tor as a client. I'm not sure if this is really true, but I think they are just exit relays that have to the job of keeping your domain & public key on Hidden Service Directory Servers. The only thing anyone will really know (this includes the exit/introductory relays themselves) is what public key belongs to your domain, and what introduction points it can talk to in order to start a session. I think the only weaknesses you have to worry about is the ones that any Tor circuit has, but since you are not transmitting secret information I think your only worry is an attacker is able to track you. So you could probably either blacklist the nodes that you don't trust, or whitelist for the ones you do.
I've found the taken a look at the Tor manual, and you could use the following configuration options:
ExcludeNodes & ExcludeExitNodes for blacklisting and
EntryNodes & ExitNodes
I don't know why there are not exclude options for entrynodes or an (Middle)Nodes option.
Basically you can add a comma-seperated list with country codes or ip addresses you like (or don't like). Judging from the manual I think country codes are 2 digit. For example:
EntryNodes 220.127.116.11, 123.456.87.0/8
Or something like that.
Then of course, if Tor finds no session could be established with your rules, it will break your rules and create a circuit with nodes from your black list or not from your white list. This can be changed with the ScrictNodes option, if you so desire:
Take a look at the manual for more information: https://www.torproject.org/docs/tor-manual.html