TeamPCP compromised GitHub's internal development environment via a trojanized VS Code extension, reportedly exfiltrating approximately 3,800 internal repositories, and separately deployed a self-propagating npm supply chain worm that stole GitHub Actions workflow tokens from the CI/CD pipelines of Grafana, OpenAI, Mistral AI, and GitHub itself. No CVE has been assigned to either incident: the risk is procedural and architectural rather than something a patch addresses. The VS Code Marketplace lacks mandatory code signing and automated malware scanning, and that gap remains unresolved.
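The page does not detail how the npm worm reached the workflow tokens, so the check below is not a description of TeamPCP's tooling. It is an added example, not code from the page or from any of the affected organizations, that audits a GitHub Actions workflow for the two generic conditions under which a compromised npm dependency running inside a job can obtain a useful GITHUB_TOKEN: the token is granted more than read scope, and `npm install`/`npm ci` is allowed to run package lifecycle scripts. It also flags actions referenced by a mutable tag rather than a commit SHA. The function name `audit_workflow`, the regexes, and both workflow texts are assumptions constructed for this example; the all-zero commit SHA is a placeholder, not a real pin.

```python
import re

# Constructed placeholder, not a real commit; a pinned action uses a full 40-hex SHA.
PLACEHOLDER_SHA = "0" * 40

# A commit SHA pin looks like "@<40 hex chars>"; tags such as "@v4" do not match.
SHA_PIN = re.compile(r"@[0-9a-f]{40}\b")
USES_LINE = re.compile(r"^-?\s*uses:\s*(\S+)")
NPM_INSTALL = re.compile(r"\bnpm (install|ci|i)\b")


def audit_workflow(text: str) -> list[str]:
    """Return a list of findings for one workflow file; empty means nothing flagged."""
    findings = []
    lines = text.splitlines()

    # A workflow with no top-level permissions: block leaves GITHUB_TOKEN at the
    # repository default scope, which is broader than a build job needs.
    if not any(re.match(r"^permissions:", ln) for ln in lines):
        findings.append("no top-level permissions: block; GITHUB_TOKEN gets the repository default scope")

    for ln in lines:
        stripped = ln.strip()
        if re.match(r"^permissions:\s*write-all\s*$", stripped):
            findings.append(f"write-all token grant: {stripped}")
        m = USES_LINE.match(stripped)
        # Local actions ("./...") and docker:// references carry no "@" to pin.
        if m and "@" in m.group(1) and not SHA_PIN.search(m.group(1)):
            findings.append(f"action not pinned to a commit SHA: {m.group(1)}")
        # Without --ignore-scripts, npm runs preinstall/install/postinstall hooks of
        # every dependency, inside the job that holds the token.
        if NPM_INSTALL.search(stripped) and "--ignore-scripts" not in stripped:
            findings.append(f"npm install step runs lifecycle scripts: {stripped}")
    return findings


# Constructed sample: a typical permissive workflow.
WEAK_WORKFLOW = """\
name: ci
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
      - run: npm ci
      - run: npm test
"""

# Constructed sample: the same workflow with a read-only token, SHA-pinned
# actions, and lifecycle scripts disabled at install time.
HARDENED_WORKFLOW = f"""\
name: ci
on: [push, pull_request]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@{PLACEHOLDER_SHA}
      - uses: actions/setup-node@{PLACEHOLDER_SHA}
      - run: npm ci --ignore-scripts
      - run: npm test
"""


if __name__ == "__main__":
    for label, wf in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(f"{label}:")
        for f in audit_workflow(wf) or ["no findings"]:
            print(f"  - {f}")
```

Two caveats when applying this to a real repository: `--ignore-scripts` also suppresses the project's own `prepare`/`postinstall` hooks, so builds that rely on them need those steps run explicitly afterwards; and a read-only `GITHUB_TOKEN` limits what a stolen token can do but does nothing about other secrets (registry or cloud credentials) the job exposes as environment variables, which need the same least-privilege treatment.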