It's nice to guarantee that every value has a string representation. The not-so-nice part is that you have no static types and therefore no easy way to guard against mixing up safe and unsafe strings, so security reviewers will have a hard time. This is a design from before when the dangers of handling untrusted input as bare strings and doing escape handling all over the codebase were understood.