A big problem I've hit with the Yii-Bootstrap extension is that all AJAX requests are initializing Bootstrap because of preload. This is a huge waste of resources, especially when using AJAX-based file uploaders that split the file into chunks. Large file uploads using that method could be initializing bootstrap hundreds of times.
This article is called extended guide is because there is already a security guide in the Yii tutorial security section. but that guide is not complete in the sense that it does not rise the developers' attention to some other commonly happening attacks: SQL injection and magic URL, which can be major vulnerabilities in your application without much caring.
To extend the functionality of you web application relative to your requirements you are supposed to use existing yii core libraries or use external libraries. There are some steps to ensure security, uniqueness, modularity, performance and to avoid rework in future.