This is not a realistic concern. If you're working on highly confidential code (in a serious meaning of that phrase), your while environment is already either offline or connecting only through a tightly controlled corporate proxy. There's no accidental leaks to AI from those environments.
thanks for giving the security department more reasons to think that way.
I spent the last 6 months trying to convince them not to block all outbound traffic by default.
The right middle ground is running Little Snitch in alert mode. The initial phase of training the filters and manually approving requests is painful, but it's a lot better than an air gap.
that’s what I do, but since it’s in my control the security teams don’t like it. ;)
There are ranges of security concerns and high confidentiality.
For most corporate code (that is highly confidential) you still have proper internet access, but you sure as hell can't just send your code to all AI providers just because you want to, just because it's built into your IDE.