If you signed a Nondisclosure agreement with your employer, and you use—without approval—a tool that sends telemetry, you may be liable for a breach of the NDA.

I've never seen an NDA that would have clauses like that, and every job I've had required signing one. Do you have any examples?

Exactly, which is why you're using the tools provided for you in a managed corporate environment. :/

Unsafe because of telemetry or unsafe because of the plugin ecosystem?

Plugins and architecture

What should I be reading to know more about this? I am considering a move from Jetbrain's products to VS Code.

I tried this move once and lasted three days.

Opening IDEA after those three days was the same kind of feeling I imagine you’d get when you take off a too tight pair of shoes you’ve been trying to run a marathon in.

ymmv, of course, but for $dayjob I can’t even be arsed trying anything else at this point, it’s so ingrained I doubt it’ll be worth the effort switching.

If you are US and trust US products then consider moving away from Jetbrains to VS Code