Visual Studio Code Gains Research Agent, Chronicle Search, and New AI Features

Microsoft has released Visual Studio Code 1.123 for Windows, macOS, and Linux, just one week after shipping version 1.122.

The latest update continues the company’s push toward AI-assisted development, introducing new agent capabilities, cross-device session syncing, browser improvements, and additional security protections for extensions.

AI Agent Sessions Now Sync Across Devices

One of the biggest additions in Visual Studio Code 1.123 is support for syncing AI agent data across machines through GitHub accounts.

Developers can now access their AI-related work regardless of which device they are using. Synced information includes chat histories, touched files, repository context, and related pull requests.

The feature aims to make it easier for developers to switch between workstations without losing AI context or previous conversations.

New /chronicle Command Helps Search Past Work

Microsoft has introduced a new /chronicle command designed to help developers revisit previous coding sessions.

Instead of manually browsing old conversations, users can search past sessions using natural language queries. For example, developers can ask about work completed on a specific project or feature and receive relevant results from previous sessions.

The feature can also generate standup reports automatically and provide productivity insights based on a developer’s activity history.

Better Handling for Network-Dependent Terminal Commands

Visual Studio Code 1.123 also improves how local AI agents execute terminal commands that require internet access.

If a command attempts to access a domain that is not included in the approved allowlist, VS Code will automatically retry the command inside a sandbox environment with unrestricted network access.

If the command continues to fail, the editor can fall back to unsandboxed execution while maintaining filesystem protections.

Microsoft says this approach helps balance security and functionality when agents need access to online resources.

Multiple Agent Sessions Can Be Compared Side-by-Side

Developers working on complex projects can now drag, drop, pin, and organize multiple AI agent sessions simultaneously.

This makes it easier to compare code changes, review different approaches, or monitor multiple development tasks in real time.

New Research Agent Arrives

Another major addition is the new Research Agent. Available through the /research command, the tool acts as a read-only research assistant capable of gathering information from multiple sources, including the web, local codebases, and GitHub repositories.

The Research Agent can generate Markdown reports to help developers understand unfamiliar APIs, analyze large codebases, or perform deeper technical investigations.

Unlike coding agents, Research Agent focuses on information gathering and analysis rather than making changes to code.

Browser Improvements Add Better Screenshot Tools

The integrated browser inside Visual Studio Code also receives several upgrades. Developers can now capture both targeted area screenshots and full-page screenshots.

These screenshots can be shared with AI tools to provide visual context for layout issues, UI debugging, and front-end development tasks.

Microsoft has also updated the browser address bar with support for favorites and improved tab management.

Security Update Delays Extension Auto-Updates

Alongside the AI enhancements, Microsoft has introduced a security-focused change for extension updates.

Third-party extensions will now experience a two-hour delay before automatic updates are installed.

Microsoft says the delay helps reduce the potential impact of compromised, malicious, or broken extension releases by giving maintainers and security teams more time to identify issues before updates reach large numbers of users.

The move comes shortly after reports of a publicly disclosed Visual Studio Code zero-day vulnerability that could potentially expose GitHub authentication tokens and private repository access if successfully exploited.