Either way the prevalence of these is so widespread that you can no longer avoid it by being "smart". Sandbox everything, run vscode in a limited-access box and use the remote development features vscode already has. Run it on another machine if you can.
Use hardware keys (yubikey, token2). Use socket-based authentication. It's hard and a worse dx experience, but there really isn't any other way unless you never touch public libraries or don't use vscode. At bare minimum use a simple jail such as bwrap to strip access to most of the sensitive credentials and limit persistent access.
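Putting that last sentence into practice, as an added example that is not from the thread: a POSIX sh wrapper around bwrap that exposes exactly one project directory plus the SSH agent socket (the socket-based authentication mentioned above) and hides ~/.ssh, ~/.aws and the rest of HOME. It assumes bwrap is on PATH and a merged-/usr host layout.

```shell
#!/bin/sh
# Added example (not from the thread): a bubblewrap (bwrap) jail for one project
# directory. Inside it only that directory and the SSH agent socket are visible;
# ~/.ssh, ~/.aws, ~/.config and the real HOME are never mounted, and HOME is a
# tmpfs so nothing an extension drops there survives the session.
# Assumes bwrap is installed and a merged-/usr host (Fedora, Debian 12+, Arch).

# Print the bwrap argument list, one argument per line, for PROJECT and AGENT_SOCK.
build_jail_args() {
    project=$1 agent_sock=$2
    printf '%s\n' \
        --unshare-all --share-net --die-with-parent \
        --ro-bind /usr /usr --ro-bind /etc /etc \
        --symlink usr/lib /lib --symlink usr/lib64 /lib64 \
        --symlink usr/bin /bin --symlink usr/sbin /sbin \
        --proc /proc --dev /dev --tmpfs /tmp \
        --tmpfs /jail-home --setenv HOME /jail-home \
        --bind "$project" "$project" --chdir "$project" \
        --bind "$agent_sock" /run/ssh-agent.sock \
        --setenv SSH_AUTH_SOCK /run/ssh-agent.sock
}

# Success when PATH appears as a bind source in the jail args, i.e. the jail would
# expose it. Used to confirm credential directories are hidden before launching.
jail_exposes() {
    build_jail_args "$2" "$3" | grep -qx -- "$1"
}

# Run CMD (default: a shell; `code --wait .` works too once display sockets are
# bound) inside the jail. Positional parameters stand in for arrays (POSIX sh).
run_jailed() {
    project=${1:-$PWD} cmd=${2:-sh}
    : "${SSH_AUTH_SOCK:?start ssh-agent first}"
    for p in "$HOME" "$HOME/.ssh" "$HOME/.aws" "$HOME/.config"; do
        if jail_exposes "$p" "$project" "$SSH_AUTH_SOCK"; then
            echo "refusing to start: $p would be visible inside the jail" >&2
            return 1
        fi
    done
    old_ifs=$IFS; IFS='
'; set -f
    set -- $(build_jail_args "$project" "$SSH_AUTH_SOCK")
    set +f; IFS=$old_ifs
    exec bwrap "$@" -- "$cmd"
}
```

The agent socket is the only credential-bearing object inside the jail, so a compromised extension can ask the agent to sign but can never read or copy the private keys themselves.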
--
This is probably a hallucinated story based on a real incident. (another post by same author: https://medium.com/bean-bag-scientist/report-01-running-a-fu...)
You are a programmer who is all-in on LLM code generation. You get so much written every day! Hundreds of thousands of lines of code, and you barely lifted a finger. But... your LLMs are trained on the entirety of GitHub.
How many repos on there are full of trojans and viruses? How do you know that your super-productive LLM isn't copying those instead of the canonical version of whatever frameworks it's building?
One day you find one. You write a blog post about it. Or, rather, the vague outline of a post. You make an LLM flesh it out, of course. You barely lift a finger.