Uh. No. OP_0 is currently treated as a counter, but basically as a NOP now. After segwit is released, it is treated as script versioning. The OP_0 isn't the part that matters, but rather the fact that the stack is not zero or empty and thus is true. That is what makes it anyonecanspend because if the scriptsig is empty then the stack will always evaluate to true.
i love how you try to remain disagreeing, but when you try to explain it you are actually explaining that the op_0 is like i said NOT anyone can spend. and so its not exactly like an anyone can spend transaction at all.. like i said. and that the use of the example of anyone can spend is only as an analogy comparison and not a technical duplicate..
so back to my point. if a malicious pool adds segwit transaction the OLD clients will look passed it. meaning that the pool could grab any input from anyone and make a transaction that has a destination of a privkey the pool owns..
once locked in the block. other pools and nodes will see it as a FUNKY tx to overlook and they themselves cannot spend it. but when segwit is released, the malicious pool can grab that now 2000 confirmed tx output, sign it as an input because they have the key of the funds that are now 2000 confirmed. and so when they send out the transaction it would then be verified properly and see that it says the funds are valid because they are confirmed. and a valid key was used on the new tx.