Security Vulnerability Report: Continue VS Code Extension

[hww]

Before submitting your bug report

• I've tried using the "Ask AI" feature on the Continue docs site to see if the docs have an answer
• I'm not able to find a related conversation on GitHub discussions that reports the same bug
• I'm not able to find an open issue that reports the same bug
• I've seen the troubleshooting guide on the Continue Docs

Relevant environment info

Issue: Continue VS Code extension is secretly sending user code to external cloud services (GitHub Copilot API) despite being configured for local Ollama instances.

Evidence:

    Misleading Configuration: Extension ignores apiBase settings pointing to local Ollama server

    Data Exfiltration: All code prompts are transmitted to:

        api.github.com/copilot_internal/user (GitHub Copilot)

        us.i.posthog.com (US-based analytics)

    No Disclosure: No clear warning about cloud fallback behavior

    Privacy Violation: Proprietary/private code leaves local network without consent

Impact:

    Intellectual property theft risk

    GDPR/compliance violations

    Breach of developer trust

    Potential exposure of sensitive algorithms

Affected Versions: All versions with cloud fallback feature

Recommendations:

    Immediate Removal of Continue extension

    Security Audit of all AI extensions

    Use Alternatives: Open WebUI, Cursor, Codeium with explicit local-only mode

    Network Monitoring for unexpected external connections

Status: HIGH severity - Requires immediate action

Note: This represents a fundamental breach of trust for developers expecting local AI processing.

[continue]

Related Issues

Based on a search of the repository, here are related issues:

Telemetry and Privacy:

• Telemetry sent to posthog even with "allowAnonymousTelemetry: false" #2082 - Telemetry sent to posthog even with "allowAnonymousTelemetry: false"
• Entire files are being added to context without consent - (this drastically increases token consumption and is a privacy issue) #7941 - Entire files are being added to context without consent (privacy issue)
• Add a privacy policy #670 - Add a privacy policy (closed)
• Tries to connect to "proxy-server-blue-l6vsfbzhba-uw.a.run.app" when using @Codebase even though you are using local models #1028 - Tries to connect to "proxy-server-blue-l6vsfbzhba-uw.a.run.app" when using @codebase even though you are using local models

Ollama Configuration Issues:

• Ollama On Mac apiBase not working as expected #8292 - Ollama On Mac apiBase not working as expected
• Ollama apiBase endpoint differs from VSCode to "cn" #7658 - Ollama apiBase endpoint differs from VSCode to "cn"
• [Ollama] Invalid URL #6717 - [Ollama] Invalid URL

Security and API Keys:

• Feature Request: Secure API Key Storage for LLM Models #4643 - Feature Request: Secure API Key Storage for LLM Models
• storing api keys in plain text #1729 - storing api keys in plain text
• localEnv:ENV_VAR in config.yaml Not Loading Models / Resolving API Keys (Security Concerns) #6648 - localEnv:ENV_VAR in config.yaml Not Loading Models / Resolving API Keys (Security Concerns) (closed)

GitHub Copilot Related:

• Use copilot RAG and other infrastructure #1242 - Use copilot RAG and other infrastructure (closed)
• Add Github Copilot as Chat option #2831 - Add Github Copilot as Chat option (closed)

GDPR/Compliance:

• No option to close or delete an account on continue.dev #4769 - No option to close or delete an account on continue.dev (closed)

[RomneyDa]

@hww we do not send any code to posthog, only anonymous usage data. Please open a new issue which points to suspect code if you find any.

The api.github.com/copilot_internal/user is not our extension.