That we know about. Last I checked VSCode extensions run completely unsandboxed, at least on Linux. It's only a matter of time before a malicious one is discovered.

WIth the current state of software it makes most sense to have each project live in a container / vm. Including all dependencies, and visual code.

Unfortunately using visualcode server isn't safe enough either.

Something like qubes seems to be the future.. or present if you're running it :-)