Oh dear, a security company "expert," selling secure messaging software and who has incentives to see security flaws everywhere, mischaracterises the nature of the iOS co-operative model.
The whole point is an extension is just like any existing app running in a sandbox, except it can be run "apparently" in view context of another app (so not necessarily occupying all of the screen). There isn't any direct inter-app data exchange. When an app extension is run, iOS just provides a view into another extension app sitting in it's own sandbox. This is logically no different from any other app running.
Data exchange is always mediated by iOS, and is done pretty much one of two ways, saving a file at a mutually accessible file container location that is external to both Apps and messaging iOS with a URL that can be provided to the host app (this is in no way essentially different to existing apps being able to grab data from dropbox using the dropbox API).
The one additional risk, if it can be called that, is if the messaged app fails to securely process the contents of a URL, but since the URL's are provided by approved apps and no code is installed into a host app, if any extension providers misbehave, they can be killed, expunged by Apple. And indeed the same risk *already exists when any App processes URL's provided via email links or acquired from anywhere else* So this doesn't add any new category of attack vector either and is in fact safer than the existing ability for a user to open URL's from emails within an app.
So in reality, the fact there are app extensions ads no more risk than any OS enhancement. There's always the possibility of a latent security hole somewhere with any new added functionality, but really, the design Apple have implemented is very very secure and offers no more risk just because the words "app extension" are used. In important ways the words are simply a misnomer.