So refuse output, wait until signing figures out which input corresponds to that registered output and ban that input.
Think about what you achieve with this. In this case you remove the bad egg from the round and make the coinjoin with everyone else. What if you keep the bad egg and make the coinjoin with it? It does not make a difference in terms of privacy for the rest of us.
But removing the bad egg makes the UX worse for everyone else by aborting the round.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store