more or less about trustworthy infrastructure
If I am correct, your argument boils down to blocking happening outside the direct control of the user. This technically is true, as you don't have an icon in your browser like you would have with an extension.
At the same time, it being outside the control of the user is not really true if the user is also the person in control of the blocking solution. I don't know how it works with AdGuard, although I assume it is the same. Pi Hole offers extensive insights in what requests are being blocked, from which client and when.
This can even be adjusted on a per client level. Making that argument a more theoretical rather than a practical one.
Even if someone else has to use it. Certainly, when it is someone in their household who can access the administration for their client devices/applications as well.
Other people affected might be those who make use of the authors wifi. Where the author can also opt for guest wifi using regular DNS. Or not even do it on router basis and really a per-client basis.
The only context in which it is potentially "evil" or malicious is when people unknowingly get things blocked or redirected to the wrong things. But that is pretty far removed from the context of this article.