diff --git a/backend/src/api/mcp/server.py b/backend/src/api/mcp/server.py
index 89e4bf1..c108058 100644
--- a/backend/src/api/mcp/server.py
+++ b/backend/src/api/mcp/server.py
@@ -13,7 +13,36 @@ from utils.read.models import DEFAULT_LIMIT, Page
 from utils.search.models import SearchFilters
 from utils.search.repository import search_messages
 
-mcp: FastMCP = FastMCP("beavergram")
+INSTRUCTIONS = """\
+beavergram archives Telegram data (chats, messages, media, presence, stories,
+peer history) into Postgres and exposes it read-only over these tools.
+
+Account scoping:
+- Every tool takes `account_id`. It selects which archived Telegram account to
+  read. Unless the user names a different one, always pass `account_id=1`.
+
+Identifiers:
+- `chat_id` and `peer_id` are Telegram IDs (negative for groups/channels,
+  positive for users/bots). Discover them with `list_chats` before calling
+  tools that need a specific chat.
+
+Typical flows:
+- Browse: `list_chats` -> pick a `chat_id` -> `get_chat_history`.
+- Find something: `search_messages_tool` (full-text over message text and STT
+  transcripts; supports chat/sender/date filters and regex).
+- Forensics: `get_deleted_messages` and `get_message_versions` recover content
+  removed or edited in Telegram but kept in the archive.
+- Media: `get_media` returns metadata; pass `fetch=True` to enqueue a lazy
+  download if the file isn't stored yet.
+- Monitoring: `set_watch` creates a local rule, `list_watches` lists rules, and
+  `list_alerts` reads what those rules fired.
+
+Writes: everything is read-only except `set_watch`, the only allowed write.
+
+Paging: list/search tools accept `limit` and `offset`.
+"""
+
+mcp: FastMCP = FastMCP("beavergram", instructions=INSTRUCTIONS)
 
 
 async def _pool() -> asyncpg.Pool: