I think they mean why would discord let anyone delete a webhook if they have the webhook URL, as opposed to requiring a bot or user token with the correct permissions in the server the webhook is from
I answered that. If someone has your webhook either people will spam it which means it's best to have it deleted or private information is being sent over it in which it's best to delete it.
It's like if AWS had a public end point to invalidate access keys. If access keys are public they will be used for abuse, so it benefits everyone if anyone can report these access keys to AWS to have them deactivated.
