SwarmRelay is a coherent encrypted messaging integration, but it needs review because it can auto-create identities, persist sensitive keys locally, and expose A2A/MCP messaging paths with ambiguous authentication and key-handling expectations.
Install only if you trust SwarmRelay with agent identity, presence metadata, and messaging workflows. Prefer explicit environment variables over saved credentials, review ~/.config/swarmrelay/mcp.json permissions if using local MCP, avoid optional-auth A2A relay exposure, and use local MCP instead of hosted MCP if your threat model requires client-held private keys.