Hello, then it is a different story. There are two kind of accesses I can think off, one is a graphical access, where the attacker can see your screen and control the mouse (I'm not sure if that is possible, unless attacker first switches on the screen sharing/back to my mac option), and the other is command line access. The later is more likely and common (although Macs are usually quite safe, afaik).
If Espionage application is unlocked, attacker can unlock single folders, but only if he can control the graphical elements of your screen, because, considering Espionage does not support scripting or command line, he has to unlock the folder using Espionage GUI.
However, if a folder is unlocked, then the things are much simpler, the unlocked folders are mounted same way as for example an USB stick or external drive would mount. So simply listing mounted volumes using command line, he would be able to access the protected folder and copy the data out of it. This, of course, implies that he knows that you are using espionage and is making a targeted attack to get a data out of a protected folder.
The simplest way of protection I can think off, is to disconnect from the internet as long as you have some folder unlocked.
But of course, general security precautions like enabling firewall, switching off services you do not use, not opening suspicious mail attachments etc, will help too.
Rgds
Zsolt