Is vscode-mcp MCP safe to give an agent?
A factual risk summary built from vscode-mcp’s real tool surface, execution model, and verification history — not a vibe. Trust score 67/100.
Has tools that can create or modify data.
Runs locally over stdio — the server process executes on your machine with your user's privileges. Vet the source and package before granting access.
Installs via npx (`npx -y @vscode-mcp/vscode-mcp-server@latest`) — it pulls and executes third-party code; pin versions and review the source.
The write/destructive access this server can exercise, inferred from its verified tools.
Worried about handing an agent raw access? See governed agents in action — Apex gives your AI paced, capped, fully-logged hands with approval queues before anything runs.
Explore Apex →See also: full server page · setup · alternatives