Excellent find! You’re right: if we are using input/output ordering to implicitly check for where the covenant input/output is, but can’t enforce it, we’re gonna have a bad time.
For this vault case specifically, one easy mitigation would be to require a signature check in addition to the rest of the script. OP_VAULT has the idea of a "trigger key". I think that's a feature that makes a lot of sense. There's not a great reason it's not included in this implementation, I just didn't do it. I'll add that to my to-do list as well.
Thinking more generally, we do cover the index of the input in our signature message (full spec in BIP341), so I think we could enforce that the covenant input is at index 0 (or whatever).
On the dust, you are also right. I was seeing a lot of 546-valued outputs and just picked that as reasonable dust.
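The point about the signature message committing to the input index, shown in code. This is an added example, not code from the thread or from the vault implementation under discussion: it builds the BIP341 `SigMsg` over a simplified transaction model (plain dicts, a constructed two-input transaction, and a placeholder tapleaf hash standing in for the covenant script's leaf) and reads back the `input_index` field, so that a signature produced by a trigger key for the covenant input at index 0 cannot be verified against the same transaction with the covenant input at another position.

```python
import hashlib
import struct

SIGHASH_DEFAULT, SIGHASH_ALL, SIGHASH_NONE, SIGHASH_SINGLE = 0x00, 0x01, 0x02, 0x03
SIGHASH_ANYONECANPAY = 0x80


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def tagged_hash(tag: str, data: bytes) -> bytes:
    """BIP340 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || data)."""
    tag_hash = sha256(tag.encode())
    return sha256(tag_hash + tag_hash + data)


def compact_size(n: int) -> bytes:
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + struct.pack("<H", n)
    if n <= 0xFFFFFFFF:
        return b"\xfe" + struct.pack("<I", n)
    return b"\xff" + struct.pack("<Q", n)


def ser_script(script: bytes) -> bytes:
    return compact_size(len(script)) + script


def ser_outpoint(txin: dict) -> bytes:
    return txin["txid"] + struct.pack("<I", txin["vout"])


def ser_txout(txout: dict) -> bytes:
    return struct.pack("<q", txout["value"]) + ser_script(txout["spk"])


def sig_msg(tx, spent, input_index, hash_type=SIGHASH_DEFAULT,
            leaf_hash=None, codesep_pos=0xFFFFFFFF, annex=None) -> bytes:
    """BIP341 SigMsg for input `input_index`; `spent` lists the outputs being spent."""
    out_type = SIGHASH_ALL if hash_type == SIGHASH_DEFAULT else hash_type & 0x03
    anyone_can_pay = bool(hash_type & SIGHASH_ANYONECANPAY)
    ext_flag = 0 if leaf_hash is None else 1  # 1 = script-path spend

    m = bytearray([hash_type])
    m += struct.pack("<i", tx["version"]) + struct.pack("<I", tx["locktime"])
    if not anyone_can_pay:
        m += sha256(b"".join(ser_outpoint(i) for i in tx["inputs"]))                   # sha_prevouts
        m += sha256(b"".join(struct.pack("<q", o["value"]) for o in spent))            # sha_amounts
        m += sha256(b"".join(ser_script(o["spk"]) for o in spent))                     # sha_scriptpubkeys
        m += sha256(b"".join(struct.pack("<I", i["sequence"]) for i in tx["inputs"]))  # sha_sequences
    if out_type not in (SIGHASH_NONE, SIGHASH_SINGLE):
        m += sha256(b"".join(ser_txout(o) for o in tx["outputs"]))                     # sha_outputs
    m += bytes([2 * ext_flag + (0 if annex is None else 1)])                           # spend_type
    if anyone_can_pay:
        # Only this input is committed to, by outpoint rather than by position.
        m += ser_outpoint(tx["inputs"][input_index])
        m += struct.pack("<q", spent[input_index]["value"])
        m += ser_script(spent[input_index]["spk"])
        m += struct.pack("<I", tx["inputs"][input_index]["sequence"])
    else:
        m += struct.pack("<I", input_index)   # the position the signature commits to
    if annex is not None:
        m += sha256(ser_script(annex))
    if out_type == SIGHASH_SINGLE:
        m += sha256(ser_txout(tx["outputs"][input_index]))
    if ext_flag == 1:
        m += leaf_hash + b"\x00" + struct.pack("<I", codesep_pos)  # tapleaf_hash, key_version, codesep_pos
    return bytes(m)


def sighash(*args, **kwargs) -> bytes:
    """Digest actually signed: TapSighash tag over 0x00 (epoch) || SigMsg."""
    return tagged_hash("TapSighash", b"\x00" + sig_msg(*args, **kwargs))


# Offset of input_index for SIGHASH_DEFAULT/ALL without ANYONECANPAY:
# hash_type(1) + version(4) + locktime(4) + 4 x 32-byte input hashes + sha_outputs(32) + spend_type(1)
INPUT_INDEX_OFFSET = 1 + 4 + 4 + 4 * 32 + 32 + 1


def committed_input_index(tx, spent, input_index, **kw) -> int:
    """Read the input_index field back out of a default-sighash SigMsg."""
    m = sig_msg(tx, spent, input_index, **kw)
    return struct.unpack("<I", m[INPUT_INDEX_OFFSET:INPUT_INDEX_OFFSET + 4])[0]


def index_is_bound(tx, spent, idx, leaf_hash) -> bool:
    """True if the digest for position `idx` differs from that of every other position."""
    target = sighash(tx, spent, idx, leaf_hash=leaf_hash)
    return all(sighash(tx, spent, j, leaf_hash=leaf_hash) != target
               for j in range(len(tx["inputs"])) if j != idx)


# Constructed sample: input 0 is the covenant input, input 1 just pays fees. Values are made up.
P2TR = lambda b: b"\x51\x20" + b * 32
TX = {
    "version": 2, "locktime": 0,
    "inputs": [{"txid": b"\x11" * 32, "vout": 0, "sequence": 0xFFFFFFFD},
               {"txid": b"\x22" * 32, "vout": 1, "sequence": 0xFFFFFFFD}],
    "outputs": [{"value": 90_000, "spk": P2TR(b"\xaa")}, {"value": 9_000, "spk": P2TR(b"\xbb")}],
}
SPENT = [{"value": 100_000, "spk": P2TR(b"\xcc")}, {"value": 10_000, "spk": P2TR(b"\xdd")}]
FAKE_LEAF = b"\x33" * 32  # placeholder for the covenant script's tapleaf hash

if __name__ == "__main__":
    print("committed index:", committed_input_index(TX, SPENT, 0, leaf_hash=FAKE_LEAF))
    print("index bound:", index_is_bound(TX, SPENT, 0, FAKE_LEAF))
```

The `ANYONECANPAY` branch is the caveat: with that flag the message carries the input's outpoint instead of its position, so a script that wants "covenant input at index 0" enforced through the signature has to require a sighash type without `ANYONECANPAY` (or check the flag byte it is handed), otherwise the index commitment is gone.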
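On the 546 figure: that number is not a constant, it falls out of Bitcoin Core's dust rule, which prices an output by what it costs to create it plus spend it at the `-dustrelayfee` rate (3000 sat/kvB by default). Below is an added reimplementation of that rule (not the vault code's, and not Core's source either, just the same arithmetic as Core's `GetDustThreshold` as I know it) showing that 546 is the P2PKH threshold, while witness outputs, taproot included, come out lower because the spend's witness data gets the 75% discount.

```python
# Added illustration of Bitcoin Core's dust threshold arithmetic; the 3000 sat/kvB default
# and the 107-byte assumed witness/scriptSig size are Core's constants.
DUST_RELAY_FEE_SAT_PER_KVB = 3000
OP_RETURN = 0x6A


def compact_size_len(n: int) -> int:
    return 1 if n < 0xFD else 3 if n <= 0xFFFF else 5 if n <= 0xFFFFFFFF else 9


def is_witness_program(spk: bytes) -> bool:
    """OP_0/OP_1..OP_16 followed by a single push of 2..40 bytes (BIP141 form)."""
    if not 4 <= len(spk) <= 42:
        return False
    if spk[0] != 0x00 and not 0x51 <= spk[0] <= 0x60:
        return False
    return spk[1] == len(spk) - 2


def dust_threshold(spk: bytes, fee_rate_sat_per_kvb: int = DUST_RELAY_FEE_SAT_PER_KVB) -> int:
    """Minimum value an output with this scriptPubKey may carry without being dust."""
    if spk and spk[0] == OP_RETURN:
        return 0  # unspendable outputs are never dust
    out_size = 8 + compact_size_len(len(spk)) + len(spk)   # value + script length + script
    if is_witness_program(spk):
        spend_size = 32 + 4 + 1 + 107 // 4 + 4   # 67: outpoint, scriptSig len, discounted witness, nSequence
    else:
        spend_size = 32 + 4 + 1 + 107 + 4        # 148: legacy spend, no discount
    return (out_size + spend_size) * fee_rate_sat_per_kvb // 1000


def is_dust(value_sat: int, spk: bytes) -> bool:
    return value_sat < dust_threshold(spk)


# Constructed scriptPubKeys with zero-filled hashes/keys; only their shape matters here.
P2PKH = bytes.fromhex("76a914") + b"\x00" * 20 + bytes.fromhex("88ac")
P2WPKH = b"\x00\x14" + b"\x00" * 20
P2WSH = b"\x00\x20" + b"\x00" * 32
P2TR = b"\x51\x20" + b"\x00" * 32


def thresholds() -> dict:
    return {name: dust_threshold(spk)
            for name, spk in (("p2pkh", P2PKH), ("p2wpkh", P2WPKH), ("p2wsh", P2WSH), ("p2tr", P2TR))}


if __name__ == "__main__":
    for name, sats in thresholds().items():
        print(f"{name:7s} dust threshold: {sats} sat")
```

So for a taproot vault the relevant floor is 330 sat, not 546; hard-coding 546 is safe (it is above every threshold at the default rate) but stricter than the network requires, and a node running a non-default `-dustrelayfee` will differ either way.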