PerlMonks  

Re: Geektools whois proxy

by Aristotle (Chancellor)
on Jan 11, 2003 at 22:34 UTC [id://226140]


in reply to Geektools whois proxy

My solution was to build an option in their proxy.cgi script which uses HTML::Filter to filter out specific HTML tags before displaying the whois information.
Am I missing something? Why not just escape the HTML in their stead and be done with it? That's one less dependency (is HTML::Filter a core module? don't think so, but not sure) and probably a lot less code, not to mention it's going to be more robust because it will disable anything dangerous whether you have or haven't thought of it.

Makeshifts last the longest.

Re: Geektools whois proxy
by ferrency (Deacon) on Jan 13, 2003 at 18:04 UTC
    I chose to use HTML::Filter in the way that I did for a few reasons:

    1. The biggest reason was, it was very easy. The patch was 25 very fluffy lines of code and configuration. If you don't want to use HTML::Filter, it doesn't require you to have the module installed.
    2. It made it trivial to allow customization of the filters: you can easily configure the list of tags you want removed.
    3. It allows you to let safe things like formatting tags work as intended, while disallowing javascript, forms, etc. Blindly escaping everything that looks remotely HTML-ish doesn't allow this, and writing the code by hand to figure out what to escape and what not to escape is a lot more difficult than using a canned module.
    There's a much easier, faster way than either of our methods to disable anything dangerous whether we have or haven't thought of it. Not installing the proxy in the first place is the easiest solution, and requires the least amount of code and work to implement. But that doesn't make it a good solution, because you lose functionality you would otherwise have if you were willing to put in a bit more effort, and/or accept a certain level of risk.

    The same principle applies here: HTML::Filter isn't as efficient in processing time or code size as something akin to s/</&lt;/g; s/>/&gt;/g;. But it provides functionality that a few simple escaping regexes do not. If you don't need that functionality, then by all means make your design decisions differently. I chose an easily configurable solution partially because it allowed us to do what we needed to do, but also because the code allows other people to do what they need to do as well, even if they have different requirements than I do.

    By way of an update:
    I was able to contact the script's author, and I submitted my patch. The script is currently going through a rewrite, but he expects to release a patched version of the old code before the new version is available. The most important outcome is the fact that the author now knows of a problem in the script that he didn't know about before. If he decides to solve it some way other than the way I used, that's up to him. In the mean time, I'll use the solution I have.

    Update: Sorry to sound defensive; I guess I misinterpreted the tone of your question :)

    Alan

      No need to get defensive, I was really just asking the question I posted. What I missed then is the fact that you explicitly wanted to allow some markup. In that case of course HTML::Filter is a very sensible choice.

      Makeshifts last the longest.
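The two approaches argued over in this thread side by side, as an added example that is not the proxy.cgi patch and not code from either poster: escape everything (Aristotle's suggestion, with the substitutions in the order that avoids double-escaping) versus an allowlist of harmless formatting tags (the configurable approach ferrency describes). The allowlist version is written against HTML::Parser, a CPAN module rather than a core one; the list of allowed tags and the sample whois record are constructed for this illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use HTML::Parser ();

# Constructed sample whois record. Registrant-supplied fields are the part
# a proxy displays verbatim, so that is where markup can arrive from.
my $whois = <<'END';
Registrant Name: Example <b>Corp</b>
Comment: <script>alert(document.cookie)</script>
Link: <a href="javascript:alert(1)" onclick="x()">site</a>
Note: 5 < 6 &amp;&amp; "quoted"
END

# Approach 1: escape everything. Order matters: '&' must be handled first,
# otherwise the entities produced by the later substitutions would be
# escaped a second time.
sub escape_all {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g;
    return $s;
}

# Approach 2: allowlist of formatting tags. Hypothetical list; in a real
# deployment it would come from the proxy's configuration.
my %ALLOW = map { $_ => 1 } qw(b i u pre br);

sub filter_tags {
    my ($html) = @_;
    my $out = '';
    my $p = HTML::Parser->new(
        api_version => 3,
        # Allowed tags are re-emitted without any attributes, so an
        # onclick= or href= can never survive even on an allowed tag.
        # Anything not allowed is escaped rather than dropped, so the
        # reader still sees that the record contained markup.
        start_h => [ sub {
            my ($tag, $text) = @_;
            $out .= $ALLOW{$tag} ? "<$tag>" : escape_all($text);
        }, 'tagname, text' ],
        end_h => [ sub {
            my ($tag, $text) = @_;
            $out .= $ALLOW{$tag} ? "</$tag>" : escape_all($text);
        }, 'tagname, text' ],
        # 'dtext' hands over entity-decoded text, so existing entities in
        # the input are normalised and then escaped exactly once.
        text_h => [ sub { $out .= escape_all($_[0]) }, 'dtext' ],
        # Comments and declarations have no handler and are silently dropped.
    );
    $p->parse($html);
    $p->eof;
    return $out;
}

print "--- escape everything ---\n", escape_all($whois), "\n";
print "--- allowlist filter ---\n",  filter_tags($whois), "\n";
```

With the sample above, the first approach turns `<b>Corp</b>` into visible `&lt;b&gt;Corp&lt;/b&gt;` text, while the second keeps it as bold and still neutralises the `<script>` element and the `<a>` tag with its `javascript:` href and `onclick` attribute. Both approaches leave the `5 < 6` line intact, because a `<` followed by whitespace is not a tag start. The one thing the allowlist version buys you is exactly what ferrency wanted: formatting survives. What it costs is a parser dependency and a list that has to be reviewed whenever a new tag is added to it.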
