Add various scripts and JSON plans for Ghidra project

- Introduced `seg043_boundary_repair.json` to manage function boundaries in segment 043.
- Created `read_file.py` for reading and printing file content size.
- Added `resolve_bb4f.py` to resolve specific function call targets.
- Implemented `resolve_top_targets.py` to find resolved NE targets for top-called wrapper functions.
- Added `script_contents.txt` to summarize NE relocation far calls.
- Updated `tier4_ghidra.txt`, `tier4_ghidra_check.txt`, `tier4_output.txt`, and `tier4_result.txt` with function call statistics.
- Created `tier5_errors.txt` for error logging and `tier5_output.txt` for additional function call statistics.
- Established `tools` directory with helper scripts for the Ghidra project, including CLI and common functionalities.
- Implemented command-line interface in `cli.py` for various project operations.
- Added `common.py` for shared functions and configurations across tools.
- Introduced `validate_fixups.py` to validate NE relocation fixups against known addresses.

.github/instructions/ghidra.instructions.md

@@ -31,6 +31,15 @@ applyTo: "**"
 - Record raw-import addresses alongside original segment-relative offsets when porting names.
 - **Always use `rename_function_by_address`** — `rename_function` (by name) fails with "must have required property 'old_name'" and is broken. Use `"function_address": "000c:XXXX"` format.
 
+# PyGhidra Fallback
+
+- Use the local PyGhidra toolkit in `tools/pyghidra_crusader` when MCP is missing an operation such as function creation, deletion, or batched scripted edits.
+- The workspace-local Python environment for this toolkit is `.venv-pyghidra311`, created from `C:\Users\Maddo\.pyenv\pyenv-win\versions\3.11.6\python.exe` and installed from the bundled Ghidra 11.3.2 offline packages.
+- Default install dir for the toolkit is `I:\Apps\ghidra_11.3.2_PUBLIC`.
+- Invoke the toolkit with `\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader ...` from the repo root.
+- Keep PyGhidra batches small too: prefer one focused repair plan or 1-5 direct edits at a time.
+- Write operations require the Ghidra project to open successfully. If `Crusader.lock` is present because the GUI owns the project, close Ghidra first or operate on a project copy.
+
 # Current Verified Raw-Import Ports
 
 - `0006:e5d0` = `cursor_update_hover` from seg001 `0x0060`

.github/skills/pyghidra-ghidra-ops/SKILL.md

@@ -0,0 +1,112 @@
+# PyGhidra Ghidra Ops
+
+Use this skill when Ghidra MCP is missing a needed write operation and you need native CPython access to the Ghidra API for the local Crusader project.
+
+## Use Cases
+
+- Create or delete functions in `CRUSADER-RAW.EXE`.
+- Apply small batched repairs driven by verified addresses.
+- Add comments or rename functions by address from a repeatable JSON plan.
+- Inspect project root files to confirm the program name/path before running edits.
+
+## Workspace Defaults
+
+- Ghidra install dir: `I:\Apps\ghidra_11.3.2_PUBLIC`
+- Ghidra project dir: repo root
+- Ghidra project name: `Crusader`
+- Default program: `CRUSADER-RAW.EXE`
+- Local Python env: `.venv-pyghidra311`
+- CLI entrypoint: `.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader`
+
+## Constraints
+
+- Stay conservative. Use the same rename and batch-size rules as the main Ghidra workflow.
+- Prefer one focused plan or 1-5 direct edits at a time.
+- Write operations require the project to be openable for modification. If `Crusader.lock` is present because the GUI owns the project, close Ghidra first or work on a copy.
+- Keep `crusader_decompilation_notes.md` updated after verified repair batches.
+
+## Commands
+
+List root project files:
+
+```powershell
+.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader project-files
+```
+
+Delete a bad function object:
+
+```powershell
+.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader delete-function --entry 0007:5b6f
+```
+
+Create a repaired function with an explicit body:
+
+```powershell
+.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader create-function \
+  --entry 0007:5a90 \
+  --name seg043_func_0090 \
+  --body-start 0007:5a90 \
+  --body-end 0007:5b79 \
+  --plate-comment "Recovered from standalone seg043 boundary scan"
+```
+
+Rename a function by entry address:
+
+```powershell
+.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader rename-function --entry 0006:02cc --name entity_class_get_flag20
+```
+
+Apply a small JSON plan:
+
+```json
+{
+  "transaction": "Repair seg043 boundaries",
+  "remove_functions": [
+    "0007:5b6f"
+  ],
+  "create_functions": [
+    {
+      "entry": "0007:5a90",
+      "name": "seg043_func_0090",
+      "body_start": "0007:5a90",
+      "body_end": "0007:5b79",
+      "comment": "Recovered from standalone seg043 boundary scan"
+    },
+    {
+      "entry": "0007:5b7a",
+      "name": "seg043_func_017a",
+      "body_start": "0007:5b7a",
+      "body_end": "0007:5c1b"
+    },
+    {
+      "entry": "0007:5c1c",
+      "name": "seg043_func_021c",
+      "body_start": "0007:5c1c",
+      "body_end": "0007:5c80"
+    }
+  ],
+  "comments": [
+    {
+      "address": "0007:5b6f",
+      "text": "Old auto-created split overlaps the earlier seg043:0090..0179 routine.",
+      "type": "plate"
+    }
+  ]
+}
+```
+
+```powershell
+.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader apply-plan --plan .\seg043_repair.json
+```
+
+Dry-run a plan before touching the project:
+
+```powershell
+.\.venv-pyghidra311\Scripts\python.exe -m tools.pyghidra_crusader apply-plan --plan .\seg043_repair.json --dry-run
+```
+
+## Implementation Notes
+
+- Address strings accept raw `SSSS:OOOO` form or plain integers such as `0x75a90`.
+- The CLI tries a few root folder path variants when opening the program so it can tolerate minor project path differences.
+- Plan files support `remove_functions`, `rename_functions`, `create_functions`, `comments`, and `assert_functions`.