Anonymous 04:05

Mempool front-running of a Taproot hashlock spend

I built a Taproot address with a SHA256-hashlock leaf (OP_SHA256 <h> OP_EQUALVERIFY OP_TRUE, preimage "helloworld"). On mainnet I spent that leaf — the witness necessarily contains the preimage and the leaf script.

Within a few minutes, a different transaction spent the same UTXO to an unrelated address, paying a far higher fee, and confirmed instead of mine:

  • my spend: 44bb85269ffacd88903154e8e2af0d4963ba4022cc57e706b5819fd008e978d3 (replaced)
  • the replacement: 9fc1923c513cdf5a620ef88f61dbc3997e697cad0381b6f6c28827e4332dc363

My understanding is that spending a hashlock reveals the preimage in the public mempool before confirmation, and under default full-RBF anyone can broadcast a higher-fee conflicting spend of the same output. Is this the correct explanation? Is automated "sweeping" of revealed-preimage / anyone-can-spend outputs a known, active phenomenon on mainnet, and is there any way to spend such an output without exposing it to this race (e.g., out-of-band submission)?



Top Answer/Comment:

My understanding is that spending a hashlock reveals the preimage in the public mempool before confirmation, and under default full-RBF anyone can broadcast a higher-fee conflicting spend of the same output. Is this the correct explanation?

Yes.

Is automated "sweeping" of revealed-preimage / anyone-can-spend outputs a known, active phenomenon on mainnet

Yes, it has existed for years. It's trivial to scan for insecure transactions and replace them. There may be multiple independent entities doing so.

is there any way to spend such an output without exposing it to this race (e.g., out-of-band submission)?

You can try to submit to miners privately, but nothing can prevent those who know the preimage from taking your coins. Outputs which do not require a digital signature for spending are fundamentally insecure, as there is no information difference between honest users and attackers.

It may be possible to use out-of-band submission mechanisms to send the transaction directly to some miner(s), but this still relies on trusting the miner to not just steal your coins. Arguably, it is equivalent to sending your coins to the miner and kindly asking them to leave the transaction output that sends to you in place. Worse, in the case of a reorg, the input may become unspent again, despite the preimage being published, so it then becomes available for anyone to take.
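The answer's core point is that a leaf with no signature-checking opcode is spendable by anyone who sees the witness, so the useful check is to audit a leaf script before funding it and to confirm that the witness of a hashlock spend does expose the preimage. The following is an added example, not code from the question or the answer. It builds the question's leaf (OP_SHA256 <h> OP_EQUALVERIFY OP_TRUE) and the signature-gated alternative (OP_SHA256 <h> OP_EQUALVERIFY <xonly_pk> OP_CHECKSIG), runs a tiny script tokenizer over both to flag leaves that lack OP_CHECKSIG/OP_CHECKSIGVERIFY/OP_CHECKSIGADD, and scans a constructed witness stack for any element whose SHA256 matches the hashlock. The 32-byte public key and the control block are placeholders; the opcode values are the standard Bitcoin Script encodings.

```python
import hashlib

# Standard Bitcoin Script opcode encodings used below.
OP_PUSHDATA1 = 0x4C
OP_1 = 0x51            # also written OP_TRUE
OP_EQUALVERIFY = 0x88
OP_SHA256 = 0xA8
OP_CHECKSIG = 0xAC
OP_CHECKSIGVERIFY = 0xAD
OP_CHECKSIGADD = 0xBA  # Tapscript only
SIG_OPCODES = {OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKSIGADD}


def push(data: bytes) -> bytes:
    """Minimal push for 1..75 bytes (covers 32-byte hashes and x-only keys)."""
    if not 1 <= len(data) <= 75:
        raise ValueError("push helper only handles 1..75 byte pushes")
    return bytes([len(data)]) + data


def hashlock_leaf(preimage_hash: bytes) -> bytes:
    """The leaf from the question: OP_SHA256 <h> OP_EQUALVERIFY OP_TRUE (no signature)."""
    return bytes([OP_SHA256]) + push(preimage_hash) + bytes([OP_EQUALVERIFY, OP_1])


def htlc_leaf(preimage_hash: bytes, xonly_pubkey: bytes) -> bytes:
    """Hashlock gated by a signature: OP_SHA256 <h> OP_EQUALVERIFY <pk> OP_CHECKSIG."""
    if len(xonly_pubkey) != 32:
        raise ValueError("x-only pubkey must be 32 bytes")
    return (bytes([OP_SHA256]) + push(preimage_hash) + bytes([OP_EQUALVERIFY])
            + push(xonly_pubkey) + bytes([OP_CHECKSIG]))


def parse_script(script: bytes):
    """Tokenize a script into (opcode, pushed_data_or_None); direct pushes and OP_PUSHDATA1 only."""
    tokens, i = [], 0
    while i < len(script):
        op = script[i]
        i += 1
        if 1 <= op <= 0x4B:
            n = op
        elif op == OP_PUSHDATA1:
            if i >= len(script):
                raise ValueError("truncated OP_PUSHDATA1")
            n = script[i]
            i += 1
        else:
            tokens.append((op, None))
            continue
        if i + n > len(script):
            raise ValueError("truncated push")
        tokens.append((op, script[i:i + n]))
        i += n
    return tokens


def requires_signature(leaf: bytes) -> bool:
    """True only if the leaf contains a signature check; otherwise anyone who can satisfy the
    remaining conditions (e.g. a preimage seen in the mempool) can spend the output."""
    return any(op in SIG_OPCODES for op, _ in parse_script(leaf))


def witness_reveals_preimage(witness, preimage_hash: bytes) -> bool:
    """Scan a Taproot script-path witness stack for an element hashing to the hashlock."""
    return any(hashlib.sha256(elem).digest() == preimage_hash for elem in witness)


if __name__ == "__main__":
    h = hashlib.sha256(b"helloworld").digest()
    insecure = hashlock_leaf(h)
    guarded = htlc_leaf(h, b"\x02" * 32)                    # placeholder x-only key
    witness = [b"helloworld", insecure, b"\xc0" + b"\x00" * 32]  # constructed: preimage, leaf, control block
    print("hashlock-only leaf requires signature:", requires_signature(insecure))
    print("HTLC leaf requires signature:", requires_signature(guarded))
    print("witness exposes preimage:", witness_reveals_preimage(witness, h))
```

Run against a leaf before creating the Taproot output: a `requires_signature` result of `False` means confirmation, not broadcast, is the only thing protecting the funds, which is exactly the race described in the question.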
