The agent is doing the actual work, and VS Code is just a window.
Its disclosure raises questions about what security researchers should expect from vendors, and how far in advance of its ...