This tool works by looking for specific sequences of bytecodes within the class files. The files are scanned locally in your browser with JavaScript and aren't sent to a remove server.
Be aware of false positives (it's possible but unlikely that a class file contains the same bytecode sequence as this tool is looking for) and false negatives (it's possible that a class file is infected but doesn't contain the same bytecode sequence as this tool is looking for). More information on this project's GitHub page.