Score:2

Two way key transport?

Joe

For a KEM mechanism like RSA, Kyber, etc., is it usually worth doing key wrapping/key encapsulation in both directions in a key exchange? By this I mean: Alice wraps a symmetric key and sends it to Bob. Bob wraps a different symmetric key and sends it to Alice. They both then run the concatenation of these two keys in a KDF to produce their shared key.

What are the pros and cons of such a mechanism? Is it typical to ever do 2-way KEMs?

Score:1

There is some security value insofar as in a one-pass scheme the encapsulator has to trust that the decapsulator has securely generated their public/private key pair. It's not clear how much additional trust there is in this assumption beyond the trust that the decapsulator is securely implementing their other operations. Nevertheless, in the scenario that you have a decapsulator who performs all actions other than key generation appropriately, but generates keys in an insecure fashion (e.g. due to insufficient entropy), then a two-pass system would add security.

The downside is that there is an increase in communication and possibly in the required number of synchronised exchanges to establish a key. There is also often an asymmetry in the encapsulation and decapsulation mechanisms. A two-pass system puts the latency of the key establishment down to the time of the heaviest computation on the least resourced participant. Note that the public keys for encapsulation should also be authenticated, which places a burden of key registration on all participants, again adding to the computational burden.

The increase in practical efficiency is viewed as outweighing the ill-defined risk decrease of a two-pass system and so practical implementations typically only use a one-directional key establishment.
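
The two-pass construction from the question and the weak-key-generation scenario from the answer, as an added example that is not part of the original thread. It assumes a toy Diffie-Hellman-style KEM standing in for RSA-KEM or Kyber, an HMAC-SHA256 stand-in for the KDF, and it additionally binds both ciphertexts into the KDF input; all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman-style KEM, a stand-in for RSA-KEM or Kyber (assumption).
# The parameters are for illustration only, not a vetted KEM parameter set.
P, G = 2**255 - 19, 2

def _b(n):
    return n.to_bytes(32, "big")

def keygen():
    sk = secrets.randbelow(P - 3) + 2
    return sk, pow(G, sk, P)

def encaps(pk):
    """Return (ciphertext, key) for the holder of pk."""
    r = secrets.randbelow(P - 3) + 2
    return pow(G, r, P), hashlib.sha256(_b(pow(pk, r, P))).digest()

def decaps(sk, ct):
    return hashlib.sha256(_b(pow(ct, sk, P))).digest()

def kdf(*parts):
    """Stand-in KDF: HMAC-SHA256 over length-prefixed inputs."""
    mac = hmac.new(b"two-way-kem-demo", digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(4, "big") + p)
    return mac.digest()

def two_way_exchange(alice, bob):
    """alice and bob are (sk, pk) pairs; returns both views plus the wire data."""
    (a_sk, a_pk), (b_sk, b_pk) = alice, bob
    ct_ab, k_a = encaps(b_pk)            # Alice -> Bob, wrapped to Bob's key
    ct_ba, k_b = encaps(a_pk)            # Bob -> Alice, wrapped to Alice's key
    transcript = _b(ct_ab) + _b(ct_ba)   # bind the key to both ciphertexts
    alice_key = kdf(k_a, decaps(a_sk, ct_ba), transcript)
    bob_key = kdf(decaps(b_sk, ct_ab), k_b, transcript)
    return {"ct_ab": ct_ab, "ct_ba": ct_ba, "alice": alice_key, "bob": bob_key}

def one_pass_key(sk, ct):
    """Session key of the one-pass scheme: depends on one private key only."""
    return kdf(decaps(sk, ct))

def demo():
    alice, bob = keygen(), keygen()
    run = two_way_exchange(alice, bob)
    # Model the answer's scenario: Bob's key pair was generated badly, so a
    # third party holds bob_sk. It can open ct_ab, but ct_ba needs alice_sk.
    leaked_one_pass = one_pass_key(bob[0], run["ct_ab"])
    return run, leaked_one_pass
```

In the one-pass scheme the value computed from Bob's private key alone is the whole session key; in the two-pass scheme the same value is only one of the KDF inputs.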
