Agentic Coding and the Weakness of Extensions for IDEs

A recent attack involved a malicious VS Code extension stealing cryptocurrency by downloading remote access tools. The incident highlights deeper issues with IDE extension models, where users struggle to identify legitimate extensions among similarly named options with artificially inflated download counts. This security vulnerability suggests that agentic terminal interfaces like Claude Code may offer a better path forward than continuing to build AI capabilities into traditional IDEs through extensions.