The scenario as proposed is not possible. Not in only 10 minutes, and not without leaving ANY logs.
@Enki had a good point though that with remote login they could delete the logs as soon as I got it turned back on maybe? 🤔
My MacOS forensics skills are a little rusty, but even that would leave an indication that something happened for someone looking. But I don't think you could even get that far if the device is locked and password protected unless you already know the password.