Yes, I agree. I've been thinking about this problem within large orgs, code search, standards and how to surface them to developer agents. This looks quite promising.
I think there will always be people interested in the craft. Look at photography, there's loads of digital cameras that are technically better than any old 35mm film, but people still to that for the love of the craft.
Some developers will do the same. To each their own.
Vectimus does input inspection on approved MCP servers, but it can only catch known bad patterns too. It does not try to solve prompt injections or if a legitimate MCP server was comprimised and returned poisoned outputs. I do plan to add additional post took hooks in future that can scan the MCP server output too.
You're project is interesting. It's a bit of an MCP proxy in a way, moreso than Azure API Management, yours seems to give more functionality. I will definitely take a look.