Hi there, I am one of the maintainer of the forked version of Extension:EmbedVideo.
I realized that the original extension has been requested multiple times on Miraheze but was declined due to security reasons in the past. While I am not familiar with the exact reasons that the old extension was declined, I will try my best to meet any necessary requirements from Miraheze for security review.
We forked Extension:EmbedVideo because it was unmaintained like most Fandom extensions. The forked version is refactored and includes numerous security and privacy improvements.
For example, the iframe would only be loaded when user gave consent by clicking the load button, so there would be no external connection until interacted. It also supports the native MediaWiki CSP so the required CSP rule would be added on the page that requires them. There are also support for local media, similar to Extension:TimedMediaHandler. A whitelist is also added so wiki can choose to only enable a selection of services.
However, because of the extensive rewrite, a lot of previously supported services were removed. The current support services include Archive.org, SoundCloud, Spotify, Twitch, Vimeo, and YouTube. More can be added in the future if needed but it is less than what the original extension support. The original parser functions are simplified into only one as well.
It is deployed on multiple production wiki, here's an example page on a YouTube embed.