I use tar under Linux. I don't quite trust the Windows version in UnxUtils. You probably have a tar in Android.
To make a smaller tar file, at a command prompt type
tar tvf AP.tar
tar xvf AP.tar boot.img recovery.img vbmeta.img
tar cvf miniAP.tar boot.img recovery.img vbmeta.img
The first command prints the TOC, Table of Contents.
The second extracts three files from AP.tar -- it does not change AP.tar.
The third creates a new tar file consisting of the specified files.
The only thing tricky is you have to identify each file by its exact name, you can't use wildcards. (You can when you are building a new tar, because it's the shell filling in the names. When extracting, you have to write the name exactly as it is recorded in the tar file.) So if the tar contains "boot.img.lz4", you have to say that.
I don't know if, when the Magisk manager app is told to patch a tar file, it assumes "recovery" is where Magisk is to be injected, or it figures it out each time. But, when it is injecting Magisk into recovery, it also "patches" boot and vbmeta. Those other two may not be "patch to inject code", but they are at least "patch to change signature" -- maybe just "patch to clear the flag that says expect a signature".