fix(permissions): preserve explicit deny over OmO defaults

Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>

src/plugin-handlers/tool-config-handler.test.ts

@@ -23,6 +23,36 @@ function createParams(overrides: {
 }
 
 describe("applyToolConfig", () => {
+  describe("#given config permission sets webfetch and external_directory", () => {
+    describe("#when applying tool config", () => {
+      it("#then should preserve explicit deny over OmO defaults", () => {
+        const params = createParams({})
+        params.config.permission = {
+          webfetch: "deny",
+          external_directory: "deny",
+        }
+
+        applyToolConfig(params)
+
+        const permission = params.config.permission as Record<string, unknown>
+        expect(permission.webfetch).toBe("deny")
+        expect(permission.external_directory).toBe("deny")
+        expect(permission.task).toBe("deny")
+      })
+
+      it("#then should allow webfetch and external_directory by default", () => {
+        const params = createParams({})
+
+        applyToolConfig(params)
+
+        const permission = params.config.permission as Record<string, unknown>
+        expect(permission.webfetch).toBe("allow")
+        expect(permission.external_directory).toBe("allow")
+        expect(permission.task).toBe("deny")
+      })
+    })
+  })
+
   describe("#given task_system is enabled", () => {
     describe("#when applying tool config", () => {
       it("#then should deny todowrite and todoread globally", () => {

src/plugin-handlers/tool-config-handler.ts

@@ -116,9 +116,9 @@ export function applyToolConfig(params: {
   }
 
   params.config.permission = {
-    ...(params.config.permission as Record<string, unknown>),
     webfetch: "allow",
     external_directory: "allow",
+    ...(params.config.permission as Record<string, unknown>),
     task: "deny",
   };
 }