This article discusses the security risks associated with trust-based models in popular IDEs like VS Code and Cursor, highlighting vulnerabilities that can be exploited by malicious extensions. It introduces IDE-SHEPHERD, an open-source extension that monitors and blocks harmful operations in real-time, offering a more granular trust model and enhanced protections for developers.