OP is talking about a "puzzle transaction" output with a low range private key which can be easily computed from the public key.
(check the puzzle's mid ranges with revealed public keys, divisible by 5)

The main concern is; the public key will be made public the second he broadcast a transaction that spends that output.
Thus, every users that set-up a bot to compute the private key can immediately send a replacement transaction.

Unfortunately, the idea of using other scripts wont work in existing puzzles, that specific puzzle's outputs are simple P2PKH scripts.
The (new) puzzle has to be specifically made using it.

I bet you already think of disabling rbf flag?
However, even without opt-in-rbf flag, nodes with mempoolrbf option (full-rbf) will still accept a replacement to your transaction.
And there are miners that also support full-rbf.

The only safe way to do this is to ask a solo miner or pool to include the transaction without relaying it to the network,
but that also comes with the issue of trusting the miner whether they wouldn't take the puzzle reward themselves or not.