Ok, I see now. So it only prevents leaking information to outside but the other part still knows everything.
Essentially, yes.
No, you're right. My comment above was based on the initial blog post you linked where they said they didn't support it, but I guess that blog post is out of date and they do support xpubs now.
If it were me, I would probably create a new wallet just for Bitwage and give them the xpub. They can then send to a new address every time, which stops any third parties monitoring how much you are being paid, and I would use different wallets entirely for all my other bitcoin activities, which stops Bitwage from seeing everything else you are doing via your xpub.
additionally the derivation path needs to be communicated beforehand if the master key is being transferred since without knowing the path you can end up with a different set of keys.
That's addressed in the second link OP shared. They use m/0/0 for the first address, and simply increment by 1 from there.