Yeah, that’s unfortunate that we have to trust developers to that extent. OTOH, it is true that they could get a lot of information once we give them the right to inject some JavaScript in every webpage we load. Personally, I have enabled it only on YouTube so they should not be able to touch the rest.

How do you enable an extension (this one) ONLY on youtube?

System Settings / Safari / Extensions / Vinegar

Set “all websites” to “deny”

Visit YouTube.com. Run the extension from the puzzle icon in the address bar, give it permission for “allow on this website”

Cool. Thanks! I guess this feature is not available on macOS pre-Monterey (i.e. Big Sur)? I could not find it neither in macOS / System Preferences nor Safari / Preferences / Extensions.

It would appear that this granularity is not part of Monterey's implementation of extensions at all. Might be a good addition to the Vinegar app.

When you activate it the first time, it asks whether it should be active for all websites or only the current one. You can also change that later in the settings. At least on iOS; I’ll need to check but I think it’s the same on recent macOSes.