It should be possible to exclusively use the folder-scoped Secrets Manager credentials provider, without the global-scoped credentials provider being enabled (or even present).
One way to do this is to split the shared logic out of the regular Secrets Manager provider plugin into a new common plugin. Then have both the global-scope plugin and the folder-scoped plugin depend on it:
aws-secrets-manager-credentials-provider-common
+-- aws-secrets-manager-credentials-provider-plugin
+-- aws-secrets-manager-credentials-provider-folders-plugin
It could alternatively be done by putting each one in separate repositories.