
Prevent a program from writing the HOME directory using SMACK

0 votes
0 answers
50 views
I have a binary program that creates an empty folder in the HOME directory every time it starts up. I don't like that and want to use the [SMACK](https://www.kernel.org/doc/html/latest/admin-guide/LSM/Smack.html) mechanism to stop it from doing that. My idea is to label the HOME directory with tag HOME and the program process with tag NoWriteHome, then write three SMACK rules:
```
$ sudo setfattr -n security.SMACK64     -v 'HOME'        "/home/${USER}"
$ sudo setfattr -n security.SMACK64EXEC -v 'NoWriteHome' "${PATH_TO_EXECUTABLE}"
$ cat  _           HOME    rwxat
> NoWriteHome _       rwxat
> NoWriteHome HOME    r-x--
> EOF
```
I did an experiment on /usr/bin/bash and it worked as expected:
```
$ cd
$ touch a
touch: cannot touch 'a': Permission denied
```
But when it comes to the program, it failed to start while loading dynamic libraries:
```
$ (
> export QT_PLUGIN_PATH="/opt/Wolfram/WolframEngine/14.0/SystemFiles/Libraries/Linux-x86-64/Qt/plugins/"
> export LD_LIBRARY_PATH="/opt/Wolfram/WolframEngine/14.0/SystemFiles/Libraries/Linux-x86-64:/opt/Wolfram/WolframEngine/14.0/SystemFiles/Libraries/Linux-x86-64/Qt/lib"
> export PATH="/opt/Wolfram/WolframEngine/14.0/Executables:${PATH}"
> export ESPEAK_DATA="/opt/Wolfram/WolframEngine/14.0/SystemFiles/FrontEnd/SystemResources/X/espeak-data"
> /opt/Wolfram/WolframEngine/14.0/SystemFiles/FrontEnd/Binaries/Linux-x86-64/WolframPlayer -topDirectory /opt/Wolfram/WolframEngine/14.0
> )
/opt/Wolfram/WolframEngine/14.0/SystemFiles/FrontEnd/Binaries/Linux-x86-64/WolframPlayer: error while loading shared libraries: libML64i4.so: cannot open shared object file: No such file or directory
```
Does anyone know why access to library files is denied? Is there something wrong with my SMACK rules?
Asked by Xinyu Wang (1 rep)
Mar 18, 2024, 09:44 AM
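As an added illustration (not part of the question and not code from the Smack project), here is a small Python model of the Smack access decision: the kernel's fixed label rules (star, hat, floor, same-label) followed by the loaded rule set, applied to the three rules in the question. It assumes the usual defaults, namely that files with no SMACK64 attribute and ordinary user processes carry the floor label `_`; the `b` and `l` modes and the unconfined label are left out.

```python
# Added example (not from the question): minimal model of Smack's access check,
# applied to the question's rule set. Assumes the defaults: unlabelled files and
# ordinary user processes carry the floor label "_".

# The three rules exactly as written in the question: subject object access.
RULES_TEXT = """\
_           HOME    rwxat
NoWriteHome _       rwxat
NoWriteHome HOME    r-x--
"""

def parse_rules(text):
    """Parse 'subject object access' lines into {(subject, object): set of modes}."""
    rules = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        subject, obj, access = parts
        # '-' is a placeholder for "not granted", so only the mode letters are kept.
        rules[(subject, obj)] = {c for c in access if c in "rwxat"}
    return rules

def smack_allows(rules, subject, obj, mode):
    """Decide whether a task labelled `subject` may do single-letter `mode` on `obj`."""
    assert mode in "rwxat" and len(mode) == 1
    if subject == "*":                    # star subject: every request is denied
        return False
    if subject == "^" and mode in "rx":   # hat subject: may read/execute anything
        return True
    if obj == "_" and mode in "rx":       # floor object: readable/executable by all
        return True
    if obj == "*":                        # star object: accessible by all
        return True
    if subject == obj:                    # same label: always permitted
        return True
    return mode in rules.get((subject, obj), set())   # otherwise the loaded rules decide

def question_scenario():
    """Evaluate the question's cases for a process labelled NoWriteHome."""
    rules = parse_rules(RULES_TEXT)
    proc = "NoWriteHome"
    return {
        "create_in_home": smack_allows(rules, proc, "HOME", "w"),  # touch ~/a
        "list_home":      smack_allows(rules, proc, "HOME", "r"),
        "read_library":   smack_allows(rules, proc, "_", "r"),     # unlabelled .so file
        "exec_library":   smack_allows(rules, proc, "_", "x"),
        "shell_in_home":  smack_allows(rules, "_", "HOME", "w"),   # unlabelled user shell
    }
```

The model shows that the rule set itself still lets the NoWriteHome task read and execute `_`-labelled library files, which fits the loader reporting "No such file or directory" rather than "Permission denied". Separately, a label change on exec (SMACK64EXEC) is treated by the kernel as a secure exec (AT_SECURE), and in that mode glibc's loader ignores LD_LIBRARY_PATH, so the libraries under /opt are simply not found rather than denied.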