With unlimited ZEC inside the Sapling pool, the attacker could still use it to trade, sell for other cryptocurrencies or for fiat, to buy goods and services, etc., and it could be an arbitrarily long period of time before such an attack was discovered.
No, the attacker couldn't because there's no exchange or trading platform that supports Sapling -> Sapling transactions. In fact most (all?!) exchanges only allow trading the transparent pool.