Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE

This report introduces IDE-SHEPHERD, an open-source VS Code/Cursor extension that instruments the extension-host Node.js runtime to intercept child_process, HTTP(S), and task executions, and uses heuristic metadata analysis to detect and block malicious extensions and workspace tasks; the document demonstrates protections against real-world malicious extension campaigns (including obfuscated payloads and folder-open task execution), lists example IoCs, and advocates for continuous, runtime-based defenses to mitigate IDE-based supply-chain and workspace-trust abuses.