The 3 modules added in https://github.com/wildfly/wildfly/pull/11454 need this in their module.xml:
This ensures that we log a WARN if the user tries to directly use these modules as application dependencies. (Directly == via their own deployment configuration, not via our subsystem wiring them in as a dependency. See  for the impl.)
These log WARNs and the setting in the file itself are important both to prevent the user making mistakes and as the formal the mechanism by which we control how we support use of the various libraries we ship in the appserver. Marking modules private, deprecated etc gives us the freedom to rework implementations without worrying about breaking unexpected uses of things.