Enum KindlyError 

pub enum KindlyError {
    DisplayError(String),
    TerminalError,
    ValidationError(String),
    InvalidInput {
        reason: String,
    },
    InvalidConfig {
        field: String,
        reason: String,
    },
    FileError(Error),
    PathNotFound {
        path: String,
    },
    SerializationError(Error),
    FormatError {
        expected: String,
        actual: String,
    },
    ScannerError(String),
    ThreatDetected {
        threat_type: String,
        location: String,
    },
    ResourceError {
        resource: String,
        limit: String,
    },
    TimeoutError(u64),
    NetworkError(String),
    ConnectionError {
        endpoint: String,
        reason: String,
    },
    AuthError {
        reason: String,
    },
    Unauthorized {
        action: String,
    },
    ProtocolError {
        code: i32,
        message: String,
    },
    MethodNotFound {
        method: String,
    },
    ConfigError(String),
    Internal(String),
}

KindlyGuard error types with actionable recovery strategies

Variants

DisplayError(String)

TerminalError

ValidationError(String)

Command validation failed. This occurs when user input doesn’t meet expected format or contains forbidden patterns.

Security Impact: Medium - Could indicate probing for vulnerabilities Recovery: Fail fast, log attempt, increment failure counter Safe Handling: Never echo back the invalid input verbatim

InvalidInput

Invalid input detected during parameter validation.

Security Impact: High - Often precedes injection attacks Recovery: Reject immediately, audit log with sanitized details Safe Handling: Return generic “Invalid input” without specifics Example: SQL injection attempts, path traversal patterns

Fields

reason: String

InvalidConfig

Fields

field: String

reason: String

FileError(Error)

PathNotFound

Fields

path: String

SerializationError(Error)

FormatError

Fields

expected: String

actual: String

ScannerError(String)

ThreatDetected

CRITICAL SECURITY ERROR: Active threat detected in input/output.

When It Occurs:

• Unicode attacks (invisible characters, RTL override)
• Injection attempts (SQL, command, path traversal)
• Known malicious patterns

Security Impact: CRITICAL - Active attack in progress Recovery: ALWAYS FAIL CLOSED

• Block the request immediately
• Generate high-priority audit event
• Increment threat counter for client
• Consider temporary IP ban after repeated attempts

Safe Handling:

• NEVER include threat details in user-facing messages
• Log full details to secure audit log only
• Return generic “Security policy violation” to client
• Preserve evidence for forensic analysis

Example Response:

{
  "error": {
    "code": -32004,
    "message": "Request blocked by security policy"
  }
}

Fields

threat_type: String

location: String

ResourceError

Resource exhaustion detected - possible DoS attempt.

Security Impact: High - Resource exhaustion attacks Recovery: Rate limit, circuit break, graceful degradation Safe Handling: Generic message, preserve service availability

Common Scenarios:

• Memory limit exceeded (large file uploads)
• Connection pool exhausted (connection flood)
• CPU quota exceeded (computational DoS)

Response Strategy:

• Apply exponential backoff to client
• Shed load if necessary
• Return 503 Service Unavailable with Retry-After header

Fields

resource: String

limit: String

TimeoutError(u64)

Operation timeout - prevents indefinite resource holding.

Security Impact: Medium - Possible slowloris attack Recovery: Clean up resources, fail fast Safe Handling: No internal timing information in response

NetworkError(String)

ConnectionError

Fields

endpoint: String

reason: String

AuthError

CRITICAL: Authentication failure - possible credential attack.

Security Impact: CRITICAL - Unauthorized access attempt Recovery: ALWAYS FAIL CLOSED

Required Actions:

1. Log to security audit with timestamp, IP, attempt details
2. Increment auth failure counter for IP/client
3. Apply progressive delay (2^n seconds after n failures)
4. Trigger account lockout after threshold (e.g., 5 attempts)
5. Alert on patterns (distributed attempts, timing attacks)

Safe Handling:

• NEVER reveal why authentication failed
• Use constant-time comparison for credentials
• Return identical error for “user not found” vs “wrong password”
• Generic message: “Authentication failed”

Logging Requirements:

audit_log.critical(AuditEvent::AuthFailure {
    client_ip: ip,
    user_id: sanitize(user_id), // Hash if sensitive
    timestamp: SystemTime::now(),
    failure_count: count,
});

Fields

reason: String

Unauthorized

CRITICAL: Authorization failure - privilege escalation attempt.

Security Impact: CRITICAL - Possible privilege escalation Recovery: DENY and audit

Required Actions:

1. Deny the action immediately
2. Log full context to security audit
3. Check for authorization probe patterns
4. Consider session termination for repeated attempts

Safe Handling:

• Return minimal information: “Unauthorized”
• Don’t reveal what permissions are needed
• Don’t indicate if resource exists

Fields

action: String

ProtocolError

Fields

code: i32

message: String

MethodNotFound

Fields

method: String

ConfigError(String)

Internal(String)

Implementations

impl KindlyError

pub const fn severity(&self) -> ErrorSeverity

Get the severity level of the error

pub const fn is_retryable(&self) -> bool

Check if the error is retryable

pub fn user_message(&self) -> String

Get a user-friendly error message

pub const fn to_protocol_code(&self) -> i32

Convert to MCP protocol error code

Trait Implementations

impl Debug for KindlyError

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Display for KindlyError

fn fmt(&self, __formatter: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Error for KindlyError

fn source(&self) -> Option<&(dyn Error + 'static)>

Returns the lower-level source of this error, if any.

fn description(&self) -> &str

👎Deprecated since 1.42.0: use the Display impl or to_string()

fn cause(&self) -> Option<&dyn Error>

👎Deprecated since 1.33.0: replaced by Error::source, which can support downcasting

fn provide<'a>(&'a self, request: &mut Request<'a>)

🔬This is a nightly-only experimental API. (error_generic_member_access)

Provides type-based access to context intended for error reports.

impl From<Error> for KindlyError

fn from(source: Error) -> Self

Converts to this type from the input type.

impl From<Error> for KindlyError

fn from(source: Error) -> Self

Converts to this type from the input type.