It is all about performance, scalability and security.
If you create a query using literals:
where x = 42;
where x = 55;
....
where x = 10325432;
you will create a unique SQL statement for each unique set of inputs. Each unique sql statement will necessitate a hard parse (which is very very very bad). A hard parse takes MUCH longer and uses MANY MORE resources than "no parse" or "soft parse" does. (see:
http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:2588723819082 for details on hard/soft/no parse...)
If you create a query using sys_context (or bind variables), you will generate just ONE query:
where x = sys_context('my_ctx','x')
or at least a small number of queries (if you have more than one possible column to place the predicate against). You will generate a reasonable number of unique sql statements - each of which will be hard parsed ONCE and then soft parsed from then on in. You will have reduced dramatically the amount of hard parsing you do.
That is good for single user performance (you might be surprised to find that for small quick SQL statements - up to 90-95% of your runtime can be spent in PARSING sql, not actually EXECUTING sql!).
It is also imperative for multi-user performance. In order to hard parse you have to LATCH (which is another way to say "lock", to say "serialize") data structures in the SGA frequently. This is a MAJOR (I might say "the major") scalability inhibitor I see in systems today. Applications that hard parse frequently cannot execute hundreds of statements per second - simply because you cannot hard parse hundreds of statements per second - because of the serialization.
Lastly - it is relevant from a security perspective. If you are using the famous "single application user account in a middle tier application" (whereby everyone logs into the database as a single user), you will be subject to SQL injection if you place literals in your SQL. SQL injection is insidious and hard to detect/protect against. If you use bind variables or the sys_context trick - your SQL will not be subject to sql injection since the input to your procedure will not become PART of the sql statment - it will only be inputs to the SQL statement.
So, you do this for
o single user performance
o multi-user scalability
o security
reasons.