The best approach is stealth. On the machine, for example, a device driver that quietly sets a flag if an unprompted passphrase is not entered in a specific time. This would help tell if any black bag software has been hurriedly placed on the machine. In the physical world, comparable bugs that leave quiet telltale signs (perhaps relayed offsite) that show the area has been compromised.
Black baggers generally have to get in and out quickly with incomplete knowledge of your situation. Doing a thorough reverse-engineer of you location is usually not an option for them. While the watermelon patch gun has a visceral appeal, in the end it's counterproductive. The state is much less dangerous when they don't know you're onto their games. j