As the need for secure systems grows, the exploration of secure hardware like Morello, based on the Capability Hardware Enhanced RISC Instructions (CHERI) architecture, becomes crucial. As Morello navigates towards market induction, establishing systematic approaches for transitioning software to its pure capability mode emerges as a crucial research endeavor. This paper investigates two main areas: a comparison with CERT guidelines and an exploitation analysis on the Morello platform. The comparison aims to identify potential developer-induced vulnerabilities and compiler limitations, elucidating how the Morellollvm compiler behaves when there are CERT rule violations. Our exploitation analysis explores the limitations of the Morello-llvm compiler toolchain and the developer errors that could bypass Morello's advanced security features. The findings highlight that despite advancements in toolchains, developer-induced vulnerabilities remain a significant issue, emphasizing the importance of adhering to established programming standards like CERT guidelines.