Relic

This package mostly does what it says (local capture → local vault → distill/export), but there are unexplained deviations you should address before installing or enabling passive hooks: - Inspect and remove or fix hooks/relic_extractor.py. It hardcodes VAULT = Path('/Users/yexiaodong/...'), which ignores RELIC_VAULT_PATH/get_vault_path and is a red flag (likely a leftover from a developer environment). If that path were present on your system the script would write into it; if it doesn't exist the script may fail or create unexpected directories when run with sufficient permissions. - Inspect hooks/capture_hook_mod.py, which uses a repo-root-derived VAULT (ROOT / 'vault') rather than the standard get_vault_path() contract. That means enabling the hook could write into a vault located relative to the package copy rather than your configured vault. - Only enable the optional relic-capture hook after you have verified the vault path used by the actual hook files matches your intended RELIC_VAULT_PATH. Prefer enabling hooks only after manual testing of the CLI scripts (init_relic.py, capture_note.py, distill_facets.py) and after setting RELIC_VAULT_PATH explicitly. - Run the scripts in a safe environment (non-production, with a test RELIC_VAULT_PATH) first to confirm behavior and outputs. Search the package for any other hardcoded absolute paths or unexpected file writes. - If you are uncomfortable auditing/patching the two inconsistent files, avoid enabling passive capture and use the manual CLI commands only. If you need help examining or patching relic_extractor.py and capture_hook_mod.py to use get_vault_path(), consider asking a developer to adjust them before use.

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.