I partially agree..
I don't wrap xp_cmdshell at all, I instantiate a process directly, this also means I can control security context. If you wrap xp_cmdshell in a sproc you are still using it.. I want it disabled entirely.
SQLCLR is harder to debug, but once you've done it once it is pretty straightforward.
As far as not everyone knowing how.. So? If you want to do it you LEARN, just like everything else.
Memory leaks are always a possibility, but I have had no issues with this methodology, mileage may vary..
Also, as a side note, a number of the newer datatypes are actually SQLCLR functions, geography/geometry are examples. So sayeth MS..
If it makes sense I use SQLCLR, but it has to make sense. I've done this stuff long enough to realize there are VERY few hard and fast rules, and the words "always" and "never" are rarely used.