Comment by artbristol
1 month ago
Unfortunately according to Microsoft themselves, the answer is yes https://marketplace.visualstudio.com/items?itemName=ms-vscod...
> A compromised remote could use the VS Code Remote connection to execute code on your local machine.
Ah well. Since I'm mostly reading code in the VM, I should come up with a better file browser.