I believe your can't mentions are accurate. With the can ones, it is worth noting that censoring blocks can come in the form of refusing to vote for blocks, so they won't be confirmed.
Some additional things they could potentially do:
- They can attempt multi-spends by sending each service a different set of votes for different forks of a source block
- They can freeze the network indefinitely
An additional can't:
- They can't prevent services throwing their node offline to avoid multi-spends
And note that these items could be resolved by the network if non-malicious nodes were to update their node software to ignore the maliciously identified voting weight and any subsequent movement of that voting weight. This would obviously be a big task to undertake, but getting to 51% ownership of voting weight on the network is extremely difficult to begin with thanks to the design of the ORV consensus mechanisms.