I guess import-related regex was introduced in #4, and digging deeper found that it was introduced to circumvent an issue in antisamy library nahsra#24, and as per antisamy developer it's issue with CSS parser used in antisamy which seems fixed in nahsra#108
so if we upgrade the antisamy library then it's very well possible that we could remove our custom handling and also get rid of security issue

I have further investigated this, and here are my findings:
The fix mentioned in nahsra#108 refers to enabling embedStyleSheets
<directive name="embedStyleSheets" value="true"/>

According to the documentation https://github.com/nahsra/antisamy/wiki/AntiSamy-Directives,
the embedStyleSheets directive allows external stylesheets referenced through @import to be fetched and embedded into the sanitized output. Allowing CSS imports from external URLs is a dangerous practice. It exposes the application to security risks by allowing the inclusion of potentially malicious external CSS, which goes against AntiSamy’s purpose of ensuring secure input sanitization. Support for this feature in AntiSamy is deprecated and will be removed in a future release.

As described in #2, there remains an issue where media queries are stripped during sanitization. This behavior is attributed to the underlying third-party library (org.apache.xml.serialize.HTMLSerializer) used for document serialization within AntiSamy. The fix in nahsra#108 does not explicitly address this media query stripping issue.
Therefore, it is uncertain whether the upgrade resolves the media query serialization issue.

Suggested Next Steps:
Conduct a detailed review of the latest AntiSamy release to verify if the media query stripping issue (linked to HTMLSerializer) has been resolved.
Determine whether the upgrade allows us to eliminate our custom handling without compromising security.
Ensure the embedStyleSheets directive remains disabled to mitigate risks associated with remote CSS imports.