The wallet.dat file itself doesn't change when it is unlocked. The password is in RAM only. So if someone steals the file all they get is the encrypted version. But if they're smart they'll look in RAM and grab the password from there. "unlock for staking" still requires your private keys to be accessible to the client, and so they're also theoretically available to anyone with access to your system.
Does the client overwrite the decrypted keys (a) when the client "locks" after the specified period and (b) before the client exits? If not, the raw keys may remain in memory for longer than expected, especially since the OS may not immediately zero fill released memory.