The README does warn about this: "A compromised remote could use the VS Code Remote connection to execute code on your local machine."
https://marketplace.visualstudio.com/items?itemName=ms-vscod...
The README does warn about this: "A compromised remote could use the VS Code Remote connection to execute code on your local machine."
https://marketplace.visualstudio.com/items?itemName=ms-vscod...