Comment by rcarmo

Anecdotally, I’ve had instances when using Claude models inside VS Code they tried to access stuff outside my workspace. Never had that happen with Gemini or OpenAI models, and VS Code is pretty good at flagging dangerous shell commands (and provides internal tools to handle file access that try to minimize shell access at all).