You have gotten some great feedback. With all of these “stores” popping up for Docker and Snaps and Flatpaks it feels like we are sliding back into the Wild West of looking for software sources that you can trust and not accidentally download a virus infested program into your Windows 98 like was common back in the day when you got your EXE from random sites on the Internet. Now we have similar issues popping up with crypto miners as Tom Lawrence does good job explaining in this short video:
I guess the best practice would be to check the official snap store site unless they list the publisher/maintainer in the Ubuntu Store, you can find that information here when you search for the program you are looking for:
MS probably doesn’t have a snap listed for download for VS Code because you are supposed to install Snaps either through the CLI or Ubuntu Store. It is probably best to stick with publishers/maintainers that are “verified” or the actual person or company that produces the app because you will more likely have a snap that stays up to date. In the case of VS Code it looks like the Microsoft team in charge of VS Code are the maintainers.
I know with MS Powershell they encourage you to install Snapd on your distribution and then install Powershell by a Snap. I believe it is their preferred method to install Powershell on Linux.
On the VS Code download page I noticed that they do have the link to the Snapcraft website store so they are encouraging you to use that method as well for installing VS Code. Their download site does have the DEB and RPM packages highlighted, and those would probably be the best methods to use for Debian or Red Hat and Fedora.
All that to say, that for your use case the snap is probably a good option because it is being maintained by the VS Code team.