At the exit from the bridge, the MAC destination address for the STP packet must be replaced with another multicast one. The count of the rule triggering is always equal to zero and is not added, probably STP packets do not get into it. Why doesn’t it work?
I’m afraid that the thing is that the bridge filter only handles traffic passing between ports of the bridge (where the router-facing port of the bridge has a privileged role in terms that the traffic to/from it is handled by chains input and output whereas the traffic between any other ports is handled by chain forward), whereas BPDUs fall into the “only intended for the direct neighbor - never to be forwarded” category. So if you need STP to run on your bridge, there is no way to do what you want on a single bridge; if you don’t need STP on the bridge itself, set /interface bridge set bridge1 protocol-mode=none to make it “dumb” and forward everything, not discriminating by “link-local” destination MAC addresses. In this case, BPDUs will be handled just like any other frames, so maybe you wouldn’t even need to dst-nat them.