At the user level, WordPress internally treats roles and capabilities the same. They're all stored in the wp_capabilities user meta field. This is unfortunate.

This means that wp user remove-cap <user> <role> works, which can have unexpected consequences if, for example, a script blindly loops over capabilities in order to remove them from a user and one of the capabilities is a role name.

I think if an attempt is made to remove a capability from a user that matches a role name, it should return an error along with recommending that wp user remove-role is used instead.