As a consumer of Visual Studio Marketplace extensions, I frequently find myself wondering if this or that nice little add-on might be a security problem. For example, maybe it uploads my code somewhere. Is this a risk I simply have to take? Is this somehow checked? In the case of a popular add-on, would it be reasonable to assume that if it did do something like that, someone would have noticed?