I’d argue that the convenience of this tool isn’t just the fact that it can tell a class/jar is “bad”, but the convenience of being able to automatically scan the filesystem to do that.

And most of the code I see is about walking the filesystem, unzipping jars, walking the files inside the jars.

Most codebases have this kind of plumbing all the time.