The tamper protection to choose for this application would be protection by self-destruction, i.e. if the buyer gets a device that still works (e.g. signs messages which prove it has the secret keys to spend Bitcoin stored on the printed address), the chip has not been tampered with.
Again, personally I would be deeply uncomfortable with such a set up. If the chip self-destructs after signing a single transaction, then there is a significant risk that you lose coins by signing an incorrect or incomplete transaction. And for most users they will not be familiar with the processes required to create a transaction manually or using a complementary watch only wallet before transferring the transaction for signing, so the risk becomes higher still.
That's true, this is one risk. It is the cost for not having to trust the designer or 'intermediary' owners / second-hand resellers.
Regarding accidental errors, there would need to be a software or extension for a popular wallet like Electrum that makes using these as simple as possible.
If you want to protect against clipboard malware, you'd also need a screen, but that would make the collectible quite bulky.
Which plays in to my issues above. If you only have one shot at signing a transaction before the chip self destructs, then not having a screen becomes too risky. If, however, you can simply unseal the device but sign as many transactions as you want, then you don't need a screen since you can double check your signed transaction on your computer before you broadcast it, and sign a different transaction should there be any issues.
The proposed software should definitely allow you to decode / check / auto-decode that signed PSBT and show you its contents before broadcasting it.
It will be much harder to hack someone's clipboard
and the wallet such that it shows a different PSBT decoding result. Although I get what you're saying: the chip is already destructed, no way to re-sign if you notice something's off. You may be able to fit a cheap OLED screen in the collectible, since they make them starting from about $2.
Maybe, the solution will also just be to have 'pretty hardware wallets'. With their full functionality & security, but also full price, just with some nice limited-edition designs. Those won't really be tradeable, though..
Tibu is already making something I'd categorize between 'full hardware wallet' and 'collectible':
https://satochip.io/product-category/satochip-designer-edition/