Comment by zarzavat

I don't think it's viable to containerize an IDE. Running user code at full permissions is a core feature for an IDE. The programs that the user develops in an IDE could potentially touch any OS surface. When the user is a developer, you have to trust them.

Though this autorun feature is crazy and should be completely off by default.