Adding witness data to a non-segwit script is invalid by consensus:
This PR will detect such violation early and ban the peer:
https://github.com/bitcoin/bitcoin/pull/8499
Another approach is to run the scripts of all incoming transactions. That's not too bad as you have already fetched the utxos which is a major part of validation.