Kagi.com search uses the Referrer-Policy: same-origin header to prevent the referrer from being leaked to uncontrolled sites.
It appears the new assistant is neither defining this header nor using rel=noreferrer; this causes the referral metadata to leak to the third party.
Ideally, Referrer-Policy would be globally applied on all Kagi endpoints.
I also noticed that the new assistant is missing much of the hardening that Kagi proper has, e.g. a Content Security Policy.
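Added example, not code from the original post or from Kagi: the function below models how a browser decides what Referer value to send for a link from one page to another, given the page's Referrer-Policy header (or its absence) and whether the link carries rel="noreferrer", and a small header audit that flags the two gaps described above. The URLs and header sets are constructed for illustration; the policy semantics follow the W3C Referrer Policy specification, including the browser default of strict-origin-when-cross-origin when no header is set.

```javascript
// Referrer Policy semantics as applied by browsers (W3C Referrer Policy spec).
const POLICIES = new Set([
  "no-referrer", "no-referrer-when-downgrade", "same-origin", "origin",
  "strict-origin", "origin-when-cross-origin",
  "strict-origin-when-cross-origin", "unsafe-url",
]);

// What browsers apply when the response carries no Referrer-Policy header.
const DEFAULT_POLICY = "strict-origin-when-cross-origin";

// A referrer never carries credentials or the fragment, whatever the policy.
function stripForReferrer(u) {
  const x = new URL(u);
  x.username = ""; x.password = ""; x.hash = "";
  return x.href;
}

// Returns the Referer value sent on a navigation from `from` to `to`,
// or null when no Referer header is sent at all.
// opts.policy: value of the page's Referrer-Policy header (undefined if absent)
// opts.noreferrer: true when the link has rel="noreferrer"
function referrerFor(from, to, { policy, noreferrer = false } = {}) {
  if (noreferrer) return null; // rel=noreferrer overrides any document policy
  const p = policy && POLICIES.has(policy.trim().toLowerCase())
    ? policy.trim().toLowerCase() : DEFAULT_POLICY;
  const src = new URL(from), dst = new URL(to);
  const sameOrigin = src.origin === dst.origin;
  const downgrade = src.protocol === "https:" && dst.protocol === "http:";
  const full = stripForReferrer(from); // path and query included
  const origin = src.origin + "/";     // scheme://host[:port]/ only
  switch (p) {
    case "no-referrer": return null;
    case "unsafe-url": return full;
    case "same-origin": return sameOrigin ? full : null;
    case "origin": return origin;
    case "strict-origin": return downgrade ? null : origin;
    case "no-referrer-when-downgrade": return downgrade ? null : full;
    case "origin-when-cross-origin": return sameOrigin ? full : origin;
    case "strict-origin-when-cross-origin":
      return sameOrigin ? full : (downgrade ? null : origin);
  }
}

// Flags responses that leak anything cross-origin or lack a CSP.
// `headers` is a plain object of response header name -> value (any case).
function auditHeaders(headers) {
  const h = Object.fromEntries(
    Object.entries(headers).map(([k, v]) => [k.toLowerCase(), v]));
  const findings = [];
  const rp = (h["referrer-policy"] || "").trim().toLowerCase();
  if (!rp) {
    findings.push("Referrer-Policy missing: default " + DEFAULT_POLICY +
      " still sends the origin to cross-origin sites");
  } else if (rp !== "same-origin" && rp !== "no-referrer") {
    findings.push("Referrer-Policy '" + rp + "' still sends the origin cross-origin");
  }
  if (!h["content-security-policy"]) {
    findings.push("Content-Security-Policy missing");
  }
  return findings;
}

// Constructed sample: a search page with the header vs. an assistant page without.
const SEARCH_PAGE = "https://kagi.com/search?q=secret+query";
const ASSISTANT_PAGE = "https://kagi.com/assistant?thread=abc123";
const THIRD_PARTY = "https://example.org/article";
const searchHeaders = {
  "Referrer-Policy": "same-origin",
  "Content-Security-Policy": "default-src 'self'",
};
const assistantHeaders = { "Content-Type": "text/html" };

console.log("search -> third party:", referrerFor(SEARCH_PAGE, THIRD_PARTY,
  { policy: searchHeaders["Referrer-Policy"] }));               // null
console.log("assistant -> third party:", referrerFor(ASSISTANT_PAGE, THIRD_PARTY,
  { policy: assistantHeaders["Referrer-Policy"] }));            // https://kagi.com/
console.log("assistant with rel=noreferrer:", referrerFor(ASSISTANT_PAGE, THIRD_PARTY,
  { policy: undefined, noreferrer: true }));                    // null
console.log(auditHeaders(assistantHeaders));
```

With the header absent the browser default still sends https://kagi.com/ to the third party, which is the referral metadata the post refers to; same-origin or rel="noreferrer" suppresses it entirely. The audit is deliberately strict: only same-origin and no-referrer are accepted, since strict-origin and the default still disclose the origin cross-site.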