diff --git a/skills/kugetsu/scripts/kugetsu b/skills/kugetsu/scripts/kugetsu
index 3b77ea0..7fbed5b 100755
--- a/skills/kugetsu/scripts/kugetsu
+++ b/skills/kugetsu/scripts/kugetsu
@@ -697,12 +697,16 @@ cmd_env() {
 cmd_doctor() {
 local fix=false
+ local fix_permissions=false
 while [ $# -gt 0 ]; do
 case "$1" in
 --fix)
 fix=true
 ;;
+ --fix-permissions)
+ fix_permissions=true
+ ;;
 *)
 ;;
 esac
@@ -800,6 +804,52 @@ cmd_doctor() {
 fi
 fi
 fi
+
+ if [ "$fix_permissions" = true ]; then
+ echo ""
+ echo "Fixing session permissions..."
+ fix_session_permissions
+ fi
+}
+
+fix_session_permissions() {
+ local opencode_db="${OPENCODE_DB:-$HOME/.opencode/opencode.db}"
+
+ if [ ! -f "$opencode_db" ]; then
+ echo "[ERROR] opencode database not found: $opencode_db"
+ return 1
+ fi
+
+ local base_session_id=$(get_base_session_id)
+ local pm_agent_session_id=$(get_pm_agent_session_id)
+
+ local PERMISSION_JSON='[{"permission":"question","pattern":"*","action":"deny"},{"permission":"plan_enter","pattern":"*","action":"deny"},{"permission":"plan_exit","pattern":"*","action":"deny"},{"permission":"external_directory","pattern":"*","action":"allow"}]'
+
+ if [ -n "$base_session_id" ] && [ "$base_session_id" != "null" ]; then
+ echo "Updating base session permissions: $base_session_id"
+ python3 -c "
+import sqlite3
+conn = sqlite3.connect('$opencode_db')
+cursor = conn.cursor()
+cursor.execute(\"UPDATE session SET permission = ? WHERE id = ?\", ('$PERMISSION_JSON', '$base_session_id'))
+conn.commit()
+print('[OK] Base session permissions updated')
+"
+ fi
+
+ if [ -n "$pm_agent_session_id" ] && [ "$pm_agent_session_id" != "null" ] && [ "$pm_agent_session_id" != "None" ]; then
+ echo "Updating PM agent session permissions: $pm_agent_session_id"
+ python3 -c "
+import sqlite3
+conn = sqlite3.connect('$opencode_db')
+cursor = conn.cursor()
+cursor.execute(\"UPDATE session SET permission = ? WHERE id = ?\", ('$PERMISSION_JSON', '$pm_agent_session_id'))
+conn.commit()
+print('[OK] PM agent session permissions updated')
+"
+ fi
+
+ echo "Session permissions fix complete"
 }
 DEBUG_MODE=false
@@ -1054,6 +1104,8 @@ EOF
 echo "Initialization complete!"
 echo "- Base session: $new_session_id"
 echo "- PM agent: ${new_pm_session_id:-created by hermes}"
+
+ fix_session_permissions
 }
 cmd_start() {
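Review bot: Both `python3 -c` blocks in fix_session_permissions splice `$opencode_db`, `$PERMISSION_JSON` and the session id into the Python source as single-quoted literals, so although the SQL itself is parameterized, a quote or backslash in `OPENCODE_DB` or in a looked-up session id changes the program that runs. Pass the values as arguments and read them from `sys.argv`; that also lets the two copies collapse into one helper, and checking `rowcount` stops `[OK]` being printed when no row matched. `local base_session_id=$(get_base_session_id)` hides the lookup's exit status, so declare and assign on separate lines. get_base_session_id and get_pm_agent_session_id are defined outside this hunk, so what they can return is not visible here.

```shell
# Apply the permission JSON to one session row.
# Values travel as argv, never as Python source text.
update_session_permission() {
  local db="$1" permission_json="$2" session_id="$3"
  python3 - "$db" "$permission_json" "$session_id" <<'PY'
import sqlite3
import sys

db_path, permission_json, session_id = sys.argv[1:4]
conn = sqlite3.connect(db_path)
try:
    cur = conn.execute(
        "UPDATE session SET permission = ? WHERE id = ?",
        (permission_json, session_id),
    )
    conn.commit()
finally:
    conn.close()
# Non-zero exit when no row matched, so the caller does not report a false success.
sys.exit(0 if cur.rowcount else 1)
PY
}

# … unchanged: database existence check, session id lookup, PERMISSION_JSON …
  if [ -n "$base_session_id" ] && [ "$base_session_id" != "null" ]; then
    echo "Updating base session permissions: $base_session_id"
    update_session_permission "$opencode_db" "$PERMISSION_JSON" "$base_session_id" \
      && echo "[OK] Base session permissions updated"
  fi
# … unchanged: PM agent branch, using the same helper call …
```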
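Review bot: The bare `fix_session_permissions` call added after the "PM agent" echo is now the last command of the init function, so its `return 1` on a missing database becomes the function's status immediately after "Initialization complete!" has been printed. Make the outcome explicit, for example `fix_session_permissions || echo "[WARN] session permissions not updated; run: kugetsu doctor --fix-permissions" >&2`. The call also means every initialization replaces the whole `permission` column with a list whose last entry allows `external_directory` for pattern `*`; that looks like a broad default grant, so a comment such as `# Sessions are non-interactive: deny prompts, allow external directories (see fix_session_permissions)` would record that this is intended. The enclosing function starts outside this hunk.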
diff --git a/skills/kugetsu/tests/test-kugetsu-v2.sh b/skills/kugetsu/tests/test-kugetsu-v2.sh
index 9d474d7..70835a7 100644
--- a/skills/kugetsu/tests/test-kugetsu-v2.sh
+++ b/skills/kugetsu/tests/test-kugetsu-v2.sh
@@ -646,6 +646,58 @@ echo ""
 # Cleanup env files
 rm -rf ~/.kugetsu/env 2>/dev/null || true
+# Test E7: fix_session_permissions function exists
+echo "--- Test: fix_session_permissions function exists ---"
+if grep -q "fix_session_permissions()" "$KUGETSU"; then
+ pass "fix_session_permissions function exists"
+else
+ fail "fix_session_permissions function not found"
+fi
+echo ""
+
+# Test E8: cmd_doctor --fix-permissions flag is recognized
+echo "--- Test: cmd_doctor --fix-permissions flag ---"
+OUTPUT=$($KUGETSU doctor --fix-permissions 2>&1 || true)
+if echo "$OUTPUT" | grep -q -E "(Fixing session permissions|Session permissions fix complete|opencode database not found)"; then
+ pass "cmd_doctor --fix-permissions flag is recognized"
+else
+ fail "cmd_doctor --fix-permissions not recognized: $OUTPUT"
+fi
+echo ""
+
+# Test E9: fix_session_permissions has valid permission JSON
+echo "--- Test: fix_session_permissions has valid permission JSON ---"
+PERMISSION_JSON='[{"permission":"question","pattern":"*","action":"deny"},{"permission":"plan_enter","pattern":"*","action":"deny"},{"permission":"plan_exit","pattern":"*","action":"deny"},{"permission":"external_directory","pattern":"*","action":"allow"}]'
+if python3 -c "import json; json.loads('$PERMISSION_JSON')" 2>/dev/null; then
+ pass "fix_session_permissions has valid permission JSON"
+else
+ fail "fix_session_permissions permission JSON is invalid"
+fi
+echo ""
+
+# Test E10: fix_session_permissions SQL UPDATE syntax is valid
+echo "--- Test: fix_session_permissions SQL UPDATE syntax ---"
+if python3 -c "
+import sqlite3
+conn = sqlite3.connect(':memory:')
+cursor = conn.cursor()
+cursor.execute('CREATE TABLE session (id TEXT, permission TEXT)')
+cursor.execute('INSERT INTO session (id, permission) VALUES (?, ?)', ('test_id', 'original'))
+cursor.execute('UPDATE session SET permission = ? WHERE id = ?', ('$PERMISSION_JSON', 'test_id'))
+conn.commit()
+cursor.execute('SELECT permission FROM session WHERE id = ?', ('test_id',))
+result = cursor.fetchone()
+if result and 'external_directory' in result[0]:
+ print('OK')
+else:
+ print('FAIL')
+" 2>/dev/null | grep -q OK; then
+ pass "fix_session_permissions SQL UPDATE syntax is valid"
+else
+ fail "fix_session_permissions SQL UPDATE syntax failed"
+fi
+echo ""
+
 # Cleanup
 cleanup
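Review bot: Test E8 runs `$KUGETSU doctor --fix-permissions` with no `OPENCODE_DB` override visible in this hunk, so on a machine that has `~/.opencode/opencode.db` the test run would rewrite the `permission` column of real sessions. Point it at a throwaway path, for example `OUTPUT=$(OPENCODE_DB="$TEST_DB" "$KUGETSU" doctor --fix-permissions 2>&1 || true)`, where `TEST_DB` is a constructed name for a file under a `mktemp -d` directory. E9 and E10 check a copy of the JSON pasted into the test and an in-memory table, so they stay green whatever the script's own `PERMISSION_JSON` or UPDATE does. Running the real function against a temporary SQLite file and reading the row back would cover the code under test.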