This gets off topic of Firefox, but I don't see how any middleware can address your concern.

It is the very information you feed to the AI to get results that is in danger. No matter how you mask some metadata or account info, the actual in-band content is a problem.

The only solution is self-hosting of a model so the input and output cannot be monitored. And this also means running it offline, since a "black box" model that can do RAG or MCP or anything like that could also use covert channels to leak the information you are trying to control.