I think @FrenchguyCH would be very offended by the idea that either application is "irrelevant". Maybe it's irrelevant to you, and it's fine for you to feel that way; but I hear that both programs help new users get around on Ubuntu MATE systems. I do not think removing them is a good idea.
Further, I'm not sure if you totally understand what you're doing by suggesting replacing the Software Boutique with GNOME Software. If a Snap is unconfined, it can't do any more damage than an application which is installed "normally", like GNOME Software. GNOME Software runs unconfined, too; it's just that Canonical has pushed Snaps as necessarily being "more secure" than other package formats, even though Snaps don't have to be, but that doesn't mean that Snaps are less secure than other package formats. Switching from an unprotected Snap to a normal system package is about as security-conscious as deciding that driving on the road is dangerous, so you decide to ride around in someone else's car instead.
Also keep in mind that, if you actually want to install software, both applications need to launch programs which are elevated to unusually high privilege levels -- in other words, root
access -- in order to install software. In that sense, neither application is more secure. The only real security feature I can see GNOME Software has and the Software Boutique doesn't is that the former has to enter the Ubuntu repositories, which is a somewhat tedious task that might get looked over by several other people first -- or it might not. Quite frankly, considering the quality of some packages, I wonder if some Ubuntu repository reviewers sometimes give their rubber stamp of approval without even understanding the proposed changes. And if the Snap maintainer's credentials could be stolen, I know for a fact that an APT maintainer's credentials could be stolen just about as easily.
So, unless you have more specific concerns than those which I already addressed (which I'd like to hear if you do), I find it unlikely that there is a real security hole here. It just looks to me like a bad case of Canonical's advertising campaign gone bad (again).