Claude Code VS Code Extension Leaks Selection State Across Closed Files and New Sessions

A Reddit user (u/SportSpecialist2536) reports a serious data leak bug in the Claude Code VS Code extension. Selection state from a file persists after the file is closed and can be accessed by a new claude CLI session, including selections made only for clipboard copy-paste — not for AI context.

Repro Steps

1. Open any file in VS Code with the Claude Code extension installed.
2. Select two lines with recognizable values (e.g., FOO=abc / BAR=def).
3. Close the file tab.
4. Open a different file.
5. Open a terminal in the same VS Code window and run claude (no flags).
6. Ask: "what file is open in my IDE?"
7. Observe if it reports content from the file you closed in step 3.

The Incident

The user selected two lines in .env.production.local to copy a Supabase service-role key into a dashboard. After closing the file and opening an unrelated TypeScript file, a fresh claude session reported the previously-selected lines — including both the publishable key and the service-role key. The IDE bridge cached the selection past file close and served it to a session that should have been a clean slate. Keys were rotated immediately.

Setup Details

• OS: Windows 11
• Claude Code CLI: 2.1.138
• VS Code extension: 2.1.140
• Terminal: PowerShell in integrated terminal

The user filed a GitHub issue with full details: #58886. They specifically ask macOS/Linux users to try the 60-second repro to confirm if the bug is Windows-specific. A quick "reproduced on [OS]" comment on the issue helps triage.

The narrower bug (selection persisting past file close) seems independently fixable from the larger "should IDE auto-attach be opt-in" question in issue #24726 (open since February).