XF 2.1 Automatically removing a user's *node* permissions when they are removed from a group?

I have a somewhat unique use case, and want to understand if it's possible to automate.
  1. I want to be able to, for folks who are a member of a "MiniMod" group, configure a forum node such that each member has moderation privileges for a specific node or nodes (simple enough, I figure I can and should manually set this each time)
  2. If a user who has these capabilities is removed from the "MiniMod" group, I want the capabilities I gave them for the node to be revoked automatically
  3. If a user who had these capabilities revoked (due to leaving the group) is added back to the group, I want the capabilities I gave them to be restored automatically
I figured there should be a way to construct this with some clever combination of promotions and Never global permissions for the permissions granted at the node level (such that they override what's granted there). I think I have done so with the below configuration, but wanted to check whether I am correct, as well as whether or not there is a 'better' approach:
  1. Set up "MiniMod" as the group a member has to be a part of to be eligible to have moderation capabilities for a node
  2. Manually set up the node and member's node permissions to grant them moderation capabilities
  3. Set up "NotMiniMod" as a group where the node permissions from step 2 are mirrored, but with the Never global permission (thus cancelling the node permissions out)
  4. Set up a promotion whereby any user that is not a member of "MiniMod" (or any other group with moderation capabilities for that matter) is promoted into the "NotMiniMod" group
My main concern with this approach is that it would promote many people (particularly general forum users) into the "NotMiniMod" group needlessly; although it would not practically speaking affect them, I don't really like the idea and would prefer a way to apply the promotion only to folks who were formerly in the "MiniMod" group (or otherwise scope the promotion a bit better). I could also just be wrong that my approach would even work, due to a misunderstanding of how permissions in various areas interact, or how promotions would behave in this case.