Relays and bridges are run by volunteers, not by the Tor Project developers. Any of them could theoretically be run by malicious operators. There's a lot of research analyzing potential attacks based on this assumption. You're not 100% safe using Tor, you're just a lot safer than when you connect over clearnet or other anonymity networks (while still getting certain functionality). The whole point of entry guards is to minimize the threat of picking malicious nodes. The reason I strongly suggest using bridges as persistent entry guards with Tails rather than rotating guards with each session is to minimize the threat of picking malicious nodes. Using 2 bridges instead of 10, when 2 is all you need anyway, also minimizes the threat of picking malicious nodes.