diff --git a/CHANGELOG.md b/CHANGELOG.md
index d0c88e72..983039ca 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@
 ### Changed
 
 - Explicitly require less of `active_support` (#834)
+- Using `permit` matcher without a surrouding `permissions` block now raises a useful error. (#834)
 
 ## 2.4.0 (2024-08-26)
 
diff --git a/lib/pundit/rspec.rb b/lib/pundit/rspec.rb
index 02ebcaf8..0aa54fa2 100644
--- a/lib/pundit/rspec.rb
+++ b/lib/pundit/rspec.rb
@@ -75,7 +75,11 @@ def description(user, record)
 
         def permissions
           current_example = ::RSpec.respond_to?(:current_example) ? ::RSpec.current_example : example
-          current_example.metadata[:permissions]
+          current_example.metadata.fetch(:permissions) do
+            raise KeyError, <<~ERROR.strip
+              No permissions in example metadata, did you forget to wrap with `permissions :show?, ...`?
+            ERROR
+          end
         end
       end
       # rubocop:enable Metrics/BlockLength
diff --git a/spec/dsl_spec.rb b/spec/dsl_spec.rb
index 2119f1ae..33d89d4c 100644
--- a/spec/dsl_spec.rb
+++ b/spec/dsl_spec.rb
@@ -36,6 +36,16 @@
   end
 
   describe "#permit" do
+    context "when not appropriately wrapped in permissions" do
+      it "raises a descriptive error" do
+        expect do
+          expect(policy).to permit(user, post)
+        end.to raise_error(KeyError, <<~MSG.strip)
+          No permissions in example metadata, did you forget to wrap with `permissions :show?, ...`?
+        MSG
+      end
+    end
+
     permissions :update? do
       it "succeeds when action is permitted" do
         expect(policy).to permit(user, post)