In a nutshell: Could malware move sensitive data back and forth between the usb and the connected computers without you being any the wiser?
While there are many malware which spread over USB storage was very common, i only recall very few malware which also move sensitive data/file over USB storage with goal uploading to creator's server.
On the contrary - I think it is mandatory. A software level airgap will never be completely secure, since you are one misclick or one accidental setting change away from re-enabling some form of connectivity and breaking your airgap. A hardware level airgap (i.e. connectivity hardware removed) will always be a safer option.
The only "problem" with airgapping is that it must be permanent as you said. Therefore, it must be dedicated to always being offline, both hardware and software-wise. And the problem with this is that one must buy this device only to use it offline which renders it limited to a small amount of tasks.That's true. Aside from networking, you'll only use small portion of the storage and barely use the CPU/GPU. It's one of reason people also prefer to use their old PC or laptop.
Raspberry pi is nice option. If you go for pi zero you may want to read about SeedSigner too. Using it as signing device is much more convenient than an offline computer imho.
Yeah this is exactly why I thought of using RPi Zero. The only problem is that I can't find any RPi Zero without WiFi (the non-W version). At least where I live, it's difficult to find.
But if you can find W version easily, consider buying that and uninstall both WiFi and Bluetooth driver.
