Hey varac,
We are aware of this drawback; it is due to the feature not being (properly) supported inside Tianocore.
Concerning the threat model, booting from a stick should not be a problem, as your entire hard disk is encrypted, meaning that even if someone boots into a live system there will still be no access to your data.
Still, as you mentioned, the evil-maid scenario can happen, but it is more sophisticated, as you say.
Best