Hacker News

Be careful what you wish for.

VS Code is maybe the best product Microsoft has ever released, largely because of the extension market. If Microsoft polices the marketplace more, you can probably expect VS Code quality to degrade.

Here's my argument: More scrutiny of the marketplace will lead to fewer extensions overall (the scrutiny process will reduce the number of extensions overall as the barrier to entry will be increased). Fewer extensions available will create an incentive for Microsoft to add features to VS Code directly. The more features MS adds, the more bloated VS Code will become.

So then, more security auditing in the extensions marketplace will lead to a more bloated VS Code.

All that said, it would be nice if there were better security controls in the extensions marketplace; I just don't trust Microsoft to do anything in a way that actually improves their products for the people who use them.



You do not have to police everything; copy what Mozilla is doing: pass the top X extensions through manual audits (including looking at code diffs on every update) and mark them as trusted. Maybe also add a giant warning "this extension may steal your stuff" when installing everything else.


It took a while, but Microsoft got it pretty much right with Windows Defender. It quietly made all other active scanners obsolete. It's just a question of how much effort they're willing to spend on a free product's infrastructure.



