I don't see how this solves the issue, something bad can happen regardless of permission granularity, no?

Definitely a good initiative though. I like how coding harnesses do it, showing you the exact command that would run, or running it in a sandbox first.