get_with_capability_join, get_users_by_capability, assign/unassign_capability do not check the cap exists

None of these functions actually check that a capability exists.
As a result it is possible to assign a fake capability and have that exist in some situations.

Similarly a typo in a call to get_users_by_capability, could lead to a negated check, which could cause access where it should be denied.

For example:

$userswithcap = get_users_by_capability($context, 'modle/site:dosomething');

foreach ($enrolledusers as $user) {

    if (!isset$userswithcap[$user->id])) {

        // Do something which we would not recommend.

    }

}

For the most part this issue is relatively trivial but mis-use of capabilities could allow for greater problems which make this potentially more serious.