I'm not sure why you would attempt to break into a courthouse without some paperwork saying what you're doing, with signatures from the proper authorities. It seems kind of dumb, frankly. Pen testing is risky if you can't prove that someone with the right to do so asked you to do it.
Getting prosecuted is different.
Breaking and entering and stalking are both illegal for very good reasons. Pentesters who do this without consent are acting unethically, breaking the law, and putting themselves and others in danger.
If a pen tester really believes physical compromise is something that should be tested, they absolutely cannot do it without the consent of the involved parties. If the business reduces the value of the test by changing security rules during the process, that's their own wasted money. If you want to be testing employees you need case-by-case consent; again, if they change behaviour during the test, it's simply the company's money being wasted. A company cannot tell the pen testers to target employees without both informing the employees and getting their consent.
I continue to think people calling themselves "pentesters" while doing this kind of nonsense give actual professionals a bad name.
With all the popularity pentesting has these days I'm not surprised that some companies that try to make a quick buck don't understand how serious something like this is.
Pentesters need a "get out of jail free" card, signed by all necessary stakeholders (as high up the management chain of every organization involved as needed), and should carry it with them during such exercises. At the very least, have the number of someone on hand to call to check authorization.
The fact that they didn't do some basic paperwork beforehand reflects badly on the pentest company and now really means the pentesters broke the law. It's crazy. Poor guys, but they have to know better in this profession.