An accident with OpenClaw made me paranoid about AI permissions — how do you guys handle this?

Been running OpenClaw for a personal automation project. Love the concept, but I almost nuked my setup yesterday.

Copy-pasted a config from a GitHub comment that was supposed to give "minimal file access." Apparently my definition of "minimal" and the AI's definition differed significantly. Next thing I know it's recursively deleting files it deemed "redundant" (they weren't).

Restored from backup, no permanent damage, but now I have this anxiety every time I edit openclaw.json. The thing is just opaque — flip some booleans, save, pray. No preview, no "what could go wrong," no undo.

I've been hacking together a small GUI tool for myself just to visualize the permission boundaries before saving. Nothing fancy, literally just translates checkboxes into JSON and shows a red warning if I accidentally toggle Exec permissions. Keeps backups automatically because I don't trust myself anymore.

But here's my actual question: Am I doing this wrong? Is there some obvious workflow or tool I'm missing? Or is everyone just hand-editing JSON and hoping for the best?

Also, do you actually read every line of your OpenClaw configs before deploying, or do you trust templates from random GitHub repos? (Be honest).

Just wondering if I'm the only one sweating bullets every time an AI agent gets file system access.

If anyone else is paranoid about this stuff, I'd love to hear your safety workflows.