swain-helm

SUSPICIOUS: the skill's stated bridge-management behavior is broadly coherent, but its real trust boundary is a local swain-helm binary that could not be independently verified. Because that opaque executable appears to receive 1Password/chat/opencode credentials and control persistent processes, the overall risk is high even without direct evidence of exfiltration.