What I'd like to create is a new 'trusted contributors' group, or more specifically, an acl project.
The purpose: To serve as a minimal policy control for access to certain features in phabricator which might be prone to abuse. Things like creating a paste, editing tasks, uploading files, or anything else that we identify to be an easy target for spammers or other kinds of abuse from outside the community.
Membership should be maximally-inclusive, essentially anyone who has demonstrated constructive contributions in any area of the wikimedia community should be added - and any member should be able to add members to the group.
Think of it as similar to Project-Admins and Diffusion-Repository-Administrators but with much less specialized/technical requirements for membership, no specific responsibilities, just a tiny barrier to abuse.
Upon writing this task and reviewing what the upstream phabricator project is doing, I thought of proposing an alternative solution, which is as follows:
- Rename project-admins to something like Trusted-Contributors or Trusted-Contributors
- Open up the membership to be much more inclusive of all contributors
- This would generalize the group's purpose to be much less specific.
Then we wouldn't need a new project for the additional anti-abuse purposes that I am attempting to address with this task.
This really works nicely with the changes we have been discussing in T139210: Abandon (or at least strongly simplify) project creation policy...
 The Upstream Phabricator has handled a similar problem with two group projects for contributors: #community and #blessed-committers which control general and repository-specific access, respectively.