My understanding is that spending a hashlock reveals the preimage in the public mempool before confirmation, and under default full-RBF anyone can broadcast a higher-fee conflicting spend of the same output. Is this the correct explanation?
Yes.
Is automated “sweeping” of revealed-preimage / anyone-can-spend outputs a known, active phenomenon on mainnet?
Yes, it has existed for years. It’s trivial to scan for insecure transactions and replace them. There may be multiple independent entities doing so.
Is there any way to spend such an output without exposing it to this race (e.g., out-of-band submission)?
You can try to submit to miners privately, but nothing can prevent those who know the preimage from taking your coins. Outputs which do not require a digital signature for spending are fundamentally insecure, as there is no information difference between honest users and attackers.
It may be possible to use out-of-band submission mechanisms to send the transaction directly to some miner(s), but this still relies on trusting the miner to not just steal your coins. Arguably, it is equivalent to sending your coins to the miner and kindly asking them to leave the transaction output that sends to you in place. Worse, in the case of a reorg, the input may become unspent again, despite the preimage being published, so then it becomes available for anyone to take.
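A toy model of the race described in this thread, added here as an example and not code from the thread or any Bitcoin implementation: the script evaluator, the full-RBF mempool and the fee values are simplified stand-ins, and nothing touches a real node or network.

```python
"""Why a bare hashlock spend is a race: the witness reveals the preimage in the
mempool, and under full-RBF any conflicting spend paying a higher fee replaces it.
Constructed model; the mempool and script evaluator are deliberately minimal."""
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def hashlock_script(preimage: bytes) -> list:
    # Output template OP_SHA256 <hash> OP_EQUAL: no signature opcode anywhere.
    return ["OP_SHA256", sha256(preimage), "OP_EQUAL"]


def requires_signature(script: list) -> bool:
    """Defender-side check: a script that never invokes a signature opcode can be
    satisfied by anyone who has seen a valid witness for it."""
    return any(op in ("OP_CHECKSIG", "OP_CHECKSIGVERIFY", "OP_CHECKMULTISIG") for op in script)


def script_valid(script: list, witness: list) -> bool:
    """Evaluator for the hashlock template only: one witness item hashing to <hash>."""
    return (script[0] == "OP_SHA256" and script[2] == "OP_EQUAL"
            and len(witness) == 1 and sha256(witness[0]) == script[1])


class FullRbfMempool:
    """Keeps one spend per outpoint; a conflicting spend wins iff it pays more fee."""

    def __init__(self, utxos: dict):
        self.utxos, self.spends = utxos, {}  # outpoint -> script, outpoint -> tx

    def submit(self, tx: dict) -> bool:
        if not script_valid(self.utxos[tx["outpoint"]], tx["witness"]):
            return False
        current = self.spends.get(tx["outpoint"])
        if current is not None and tx["fee"] <= current["fee"]:
            return False  # a replacement has to outbid the spend already in the pool
        self.spends[tx["outpoint"]] = tx
        return True


def simulate_race(preimage: bytes) -> dict:
    """Honest party broadcasts; a mempool observer copies the now-public witness
    into a higher-fee conflicting spend. The script cannot tell the two apart."""
    outpoint = "txid:0"  # constructed outpoint
    pool = FullRbfMempool({outpoint: hashlock_script(preimage)})
    honest = {"outpoint": outpoint, "witness": [preimage], "fee": 1000, "payee": "honest"}
    pool.submit(honest)
    leaked = pool.spends[outpoint]["witness"]  # visible to anyone relaying the tx
    rival = {"outpoint": outpoint, "witness": list(leaked), "fee": 5000, "payee": "observer"}
    replaced = pool.submit(rival)
    return {"replaced": replaced, "winner": pool.spends[outpoint]["payee"],
            "signature_required": requires_signature(pool.utxos[outpoint])}
```

`requires_signature` is the check worth running before funding an output: if it returns False, the output's security rests entirely on the preimage staying secret, which it cannot once spent.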