Re: Where does security sit?
For your security concern you are right at some level IMO. CIA which stands for confidentiality, integrity and availability should be in place for any critical data which needs to be protect.
If we look these three major field for VPNs, obviously if you are not encrypting your data, at least at service provider can be read, can be eavesdropping. But this is not weakness of MPLS, almost all overlays ( except IPSEC enabled DMVPN, GETVPN so on) works like this. So for confidentiality, another overlay , generally GETVPN is suggested over MPLS VPN since it is best suitable over the private VAN.
For integrity, you are also correct. There is no built in authentication/hashing alghoritm for MPLS. But again this is not weakness of MPLS, whatever technology you use, unless you are not implementing authentication maybe with preshared key or with certificates, you can not make sure from the integrity of packets.( For the link level errors some overlays use CRC for basic integrity check)
For availability, MPLS may or may not give you additional benefit based on which application of MPLS you implement.For example you might be implemented MPLS Traffic Engineering for local or path protection and you can get 50ms convergence time which is more than enough for most of the application.
Conclusion : MPLS is not weak from the security point of view compare to pure IP network, even maybe can be seen as more secure if you accept abstraction/segmentation as security parameters.