swarm

Warn

Audited by Socket on Mar 6, 2026

1 alert found:

Anomaly: LOW
scripts/swarm.sh

The script itself is an orchestration tool (not obviously malware). However, it intentionally disables safety controls when invoking external LLM runtimes, and it runs package managers and git operations that can lead to arbitrary code execution or destructive repository changes. The primary risk is operational: untrusted prompts, agent behavior, or dependencies can modify or damage the repository or execute arbitrary code. Treat this as a moderately high-risk tool to run in non-sandboxed environments.

Confidence: 85%
Severity: 60%

Audit Metadata

Analyzed At: Mar 6, 2026, 06:59 AM
Package URL: pkg:socket/skills-sh/jonmumm%2Fskills%2Fswarm%2F@55f3ac2f47dcd161bd306ec56faded1c75f33cf7