but then if we have that why do we need CSFS?

1. the same reason we have CHECKSIG and CHECKSIGVERIFY and EQUAL and EQUALVERIFY. different contracts are easier with either. bitcoin script has a lot of redundancies for slight optimizations.
2. because we can not soft-fork into legacy script a new opcode that alters the stack, this is only possible with OP_SUCCESS in tapscript. so the CSFSVERIFY will simply fail the script if the signature is not valid, but won't consume any stack elements. which is sometimes very inconvenient.