Use syncthing to forward ports?

If syncthing could forward ports between devices, it would allow any app to leverage its infrastructure for discovery, traversal etc. The main use case for me would be to ssh to devices behind firewalls or dynamic IPs.

Another more involved version would be a full network overlay, e.g. virtual adapters on a tunneled LAN, with file sync being one use case. It would replace a lot of the crappy tools people use for that today like VPNs, dynamic DNS etc.

Also congrats for this amazing project!

There are already tools that do that, namely VPNs and various overlays, and syncthing doesn’t do it better than any of them, hence not sure why you think it should be part of syncthing?


Most of what I’ve tried was pretty bad, and the tools don’t work with each other so you have to maintain several sets of configs. Each of them being one more opportunity for mistakes and security problems.

Syncthing doesn’t do that at all, so there are no guarantees that the same would not happen.

In its simplest form, there would be just one more list in the config, something like local:device:remote. If it accepts and connects on localhost only on each side, and has to be enabled explicitly on both I think it does not really increase the attack surface?

I think the effort would be better spent talking to the people who already have software that does that on improving it, as opposed to wedging a random thing into syncthing that it’s not meant to do.

Well, case closed I guess 🙂 I would love to look at that myself, but there is no way I can find the time soon. It seems you are 99% of the way there, with syncthing already maintaining TCP connections between everything, the remaining work is to open a port locally and encapsulate its traffic into the existing connections. As always I’m sure it would be more complicated in practice, but it doesn’t have to be efficient for ssh kind of things.
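
An added sketch, not part of the thread and not Syncthing code (Syncthing has no such option): the `local:device:remote` list proposed above, with the two constraints the proposal relies on, a loopback-only listener and explicit opt-in on the accepting device. The field meanings, the `accepts` allow-list shape and the device IDs `DEVICE-A`/`DEVICE-B` are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strconv"
	"strings"
)

// Forward is one "local:device:remote" entry. Reading the fields as local
// port, peer device ID and peer port is an assumption of this example.
type Forward struct {
	Local, Remote int
	Device        string
}

// port accepts only unsigned decimal 1-65535 (no sign, no host part).
func port(s string) (int, bool) {
	p, err := strconv.ParseUint(s, 10, 16)
	return int(p), err == nil && p > 0
}

// ParseForward rejects anything that is not exactly port:device:port, so a
// bind address such as "0.0.0.0:2222:..." cannot be smuggled into an entry.
func ParseForward(entry string) (Forward, error) {
	f := strings.Split(entry, ":")
	if len(f) != 3 || f[1] == "" {
		return Forward{}, fmt.Errorf("want local:device:remote, got %q", entry)
	}
	l, okL := port(f[0])
	r, okR := port(f[2])
	if !okL || !okR {
		return Forward{}, fmt.Errorf("bad port in %q", entry)
	}
	return Forward{Local: l, Remote: r, Device: f[1]}, nil
}

// ListenAddr is always loopback: only local processes can enter the tunnel.
func (f Forward) ListenAddr() string {
	return net.JoinHostPort("127.0.0.1", strconv.Itoa(f.Local))
}

// Permitted models opt-in on the accepting side: that device must itself
// list the initiator's ID and the requested port (hypothetical allow-list).
func Permitted(f Forward, initiator string, accepts map[string]map[int]bool) bool {
	return accepts[initiator][f.Remote]
}

func main() {
	f, _ := ParseForward("2222:DEVICE-B:22") // constructed entry
	fmt.Println(f.ListenAddr(), Permitted(f, "DEVICE-A", map[string]map[int]bool{"DEVICE-A": {22: true}}))
}
```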