Yes. Not even just HPC clusters, shared login servers are pretty common in academia. I manage several in our lab. Sure, we mostly trust the users against malice more or less but not so much against incompetence. A malicious vscode plugin would run rampant in this space.

And then there are users running claude-cli and friends who may just find it convenient to use a local root exploit to remove obstacles.