What are the Endpoint agent certificate and private keys used for?

Article ID: 371799

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

The agent package created in the Enforce server contains the Endpoint certificate (endpoint_cert.pem) and a private key (endpoint_priv.pem). You'd like to know what those are used for and whether their compromise poses any security risk in terms of data interception.

Resolution

The Endpoint Agent certificate and private key are used only for the TLS handshake. Specifically, they are used for client authentication only.

The certificate stored on the agent is not used for data encryption, so it cannot be used to intercept encrypted communications between agents and Endpoint Servers. In other words, there is no interception or confidentiality risk related to the agent certificate and the private key.
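
As an added illustration (not Broadcom's code and not the DLP agent's implementation), the script below shows the kind of operation a client-authentication key performs: the client signs handshake data with its private key, and the server checks that signature against the public key in the presented certificate. The throwaway keys, file names and "transcript" are constructed, and the signing step is a simplification of the real TLS handshake.

```shell
#!/bin/sh
# Added illustration; keys, names and the "transcript" are constructed.
# Simplified: real TLS signs a hash of the handshake messages.

# make_identity DIR NAME: throwaway key plus self-signed certificate.
make_identity() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2_priv.pem" -out "$1/$2_cert.pem" 2>/dev/null
}

# Client side: prove possession of the private key by signing.
sign_transcript() {   # KEY TRANSCRIPT SIG_OUT
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# Server side: verify with the public key taken from the certificate.
verify_transcript() { # CERT TRANSCRIPT SIG
    pub="$3.pub"
    if openssl x509 -in "$1" -pubkey -noout > "$pub" 2>/dev/null &&
       openssl dgst -sha256 -verify "$pub" -signature "$3" "$2" >/dev/null 2>&1
    then rc=0; else rc=1; fi
    rm -f "$pub"
    return "$rc"
}

demo_client_auth() {
    d=$(mktemp -d) || return 1
    make_identity "$d" agent   # stands in for endpoint_cert.pem / endpoint_priv.pem
    make_identity "$d" other   # a key that does not match the agent certificate
    printf 'constructed handshake transcript\n' > "$d/transcript"
    sign_transcript "$d/agent_priv.pem" "$d/transcript" "$d/good.sig"
    sign_transcript "$d/other_priv.pem" "$d/transcript" "$d/bad.sig"
    if verify_transcript "$d/agent_cert.pem" "$d/transcript" "$d/good.sig"
    then good=accept; else good=reject; fi
    if verify_transcript "$d/agent_cert.pem" "$d/transcript" "$d/bad.sig"
    then bad=accept; else bad=reject; fi
    rm -rf "$d"
    echo "matching-key:$good other-key:$bad"
}

demo_client_auth
```

The private key is only ever used to produce a signature here; nothing is encrypted or decrypted with it.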