My question is: How does the pool prevent the miner from screening the shares they generate for a large number of trailing zeroes that would afford them the whole block at the current difficulty? If a miner could do this, they could just steal blocks from the pool.
In addition to the other answer (which is the 100% slam dunk way we're guaranteed this can never happen), there's another practical problem. The miner can't steal the block because it doesn't *know* the block. All it gets from the pool is just enough information to find a nonce. The pool generates the block when the miner submits a nonce that meets the difficulty. (It might be possible to figure out the block by guessing though.)
I had this at first but edited it quickly, since in some scenarios the miner could do this. 0-tx stratum blocks come from some pools at LP time, so the stratum pool would only forward the single coinbase tx. This could be modified and submitted to a local bitcoind as a "full block". They could also just ignore the other transactions and rebuild the block as a coinbase-only block.
GBT sends the full raw txdata (I think it's raw data at least), so the miner could also pull that off with GBT by editing the coinbase then feeding the raw block to a local bitcoind if they solve it.
But still, this causes the problem of the pool rejecting the shares, so your income would be the same as if you were just solo mining on a local bitcoind.