This will get Prey installed on your Mac's recovery partition, which means Prey will load and run if you hold command-R when booting the Mac. I have not verified whether or not Prey is able to send reports etc. when it runs; I can only say that it runs.
If you login as the guest user (which starts a Safari-only login, with no access to the FileVault-encrypted HD), Prey runs, but I have been unable to get it to generate a report. I'm using Prey in "self served" mode, where it's checking a URL, so having it hit the preyproject server might change things.
I'm providing this information as-is, with no warranties, no guarantees, no nothing. I don't have time to dink with it any more right now. Maybe someone can take what I've done and get something working more dependably.
1. Install, configure, and test Prey on your computer. Be sure it works.
2. Open TextEdit and create a file called "CreatePreyRecovery.command" (this will make it a double-clickable Terminal script). Paste the following text into the file, save & exit.
#!/bin/bash
#
# Mount the recovery partition
/usr/bin/sudo /usr/sbin/diskutil mount Recovery\ HD
#
# Backup the recovery boot image
/usr/bin/sudo /bin/cp /Volumes/Recovery\ HD/com.apple.recovery.boot/BaseSystem.dmg ~/Desktop/
#
# Create a read/write version, and mount it
/usr/bin/sudo /usr/bin/hdiutil convert ~/Desktop/BaseSystem.dmg -format UDRW -o ~/Desktop/BaseSystem-rw.dmg
/usr/bin/sudo /usr/bin/hdiutil attach ~/Desktop/BaseSystem-rw.dmg
#
# Copy your working Prey installation to the read/write image
/usr/bin/sudo /bin/cp -Rp /usr/share/prey /Volumes/Mac\ OS\ X\ Base\ System/usr/share/
#
# Copy necessary utilities that are missing from the default recovery image
for prog in dirname uname who whoami curl
do
/usr/bin/sudo /bin/cp -p /usr/bin/$prog /Volumes/Mac\ OS\ X\ Base\ System/usr/bin/
done
#
# Create the necessary files/folders
/usr/bin/sudo /bin/mkdir /Volumes/Mac\ OS\ X\ Base\ System/Library/LaunchDaemons
/usr/bin/sudo /usr/bin/touch /Volumes/Mac\ OS\ X\ Base\ System/Library/LaunchDaemons/org.preyproject.prey.plist
/usr/bin/sudo /usr/bin/touch /Volumes/Mac\ OS\ X\ Base\ System/private/var/db/launchd.db/com.apple.launchd/overrides.plist
#
# Assign the correct ownership/permissions
/usr/bin/sudo /usr/sbin/chown -R root:wheel /Volumes/Mac\ OS\ X\ Base\ System/Library/LaunchDaemons
/usr/bin/sudo /usr/sbin/chown root:wheel /Volumes/Mac\ OS\ X\ Base\ System/private/var/db/launchd.db/com.apple.launchd/overrides.plist
/usr/bin/sudo /bin/chmod 755 /Volumes/Mac\ OS\ X\ Base\ System/Library/LaunchDaemons
/usr/bin/sudo /bin/chmod 644 /Volumes/Mac\ OS\ X\ Base\ System/Library/LaunchDaemons/org.preyproject.prey.plist
/usr/bin/sudo /bin/chmod 600 /Volumes/Mac\ OS\ X\ Base\ System/private/var/db/launchd.db/com.apple.launchd/overrides.plist
#
# Create the plist file that tells launchctl to run prey every 10 minutes
/usr/bin/sudo /bin/cat > /Volumes/Mac\ OS\ X\ Base\ System/Library/LaunchDaemons/org.preyproject.prey.plist << END1
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
<key>Label</key>
<string>org.preyproject.prey</string>
<key>LingonWhat</key>
<string>/usr/share/prey/prey.sh</string>
<key>ProgramArguments</key>
<array>
<string>/usr/share/prey/prey.sh</string>
</array>
<key>StartInterval</key>
<integer>600</integer>
</dict>
</plist>
END1
#
# Tell launchctl to load the plist file automatically
/usr/bin/sudo /bin/cat > /Volumes/Mac\ OS\ X\ Base\ System/private/var/db/launchd.db/com.apple.launchd/overrides.plist << END2
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
<key>org.preyproject.prey</key>
<dict>
<key>Disabled</key>
<false/>
</dict>
</dict>
</plist>
END2
#
# Be sure launchctl actually loads the plist file at boot
/usr/bin/sudo echo "/bin/launchctl load -F /Library/LaunchDaemons/org.preyproject.prey.plist" >> /Volumes/Mac\ OS\ X\ Base\ System/etc/rc.common
#
# Unmount the modified image
/usr/bin/sudo /usr/bin/hdiutil detach /Volumes/Mac\ OS\ X\ Base\ System
#
# Convert the modified image to compressed read-only, and verify the final image
/usr/bin/sudo /usr/bin/hdiutil convert ~/Desktop/BaseSystem-rw.dmg -format UDZO -o ~/Desktop/BaseSystem+Prey.dmg
/usr/bin/sudo /usr/bin/hdiutil verify ~/Desktop/BaseSystem+Prey.dmg
#
# Replace the old image with the new
/usr/bin/sudo /bin/cp ~/Desktop/BaseSystem+Prey.dmg /Volumes/Recovery\ HD/com.apple.recovery.boot/BaseSystem.dmg
#
# Done!
#