I've tried the same but the graphics performance was too slow (no GPU acceleration). The current setup is to use a virtual machine but connect to it via VS Code's Remote SSH extension from the host.
I hope you've turned off VS Code's "workspace trust" settings.
Sometimes but I wonder to what degree it actually matters. Tasks, debuggers, extensions etc. run in the context of the VM, not the host. The Remote SSH extension turns VS Code into a "thin" client which presents pretty much just the UI.
Readme says: https://marketplace.visualstudio.com/items?itemName=ms-vscod...
> A compromised remote could use the VS Code Remote connection to execute code on your local machine.
So I would say that it might be a bit harder for an attacker to gain access to your local machine, but you should not rely on it, because it's more like security by obscurity.
Well damn. I was under the impression that the communication channel uses/accepts only well defined VSCode specific messages related to the UI...