Orbital
TLDRArticlesAbout

Future-Proofing AI Systems: Build for the Model You'll Have, Not the One You Have

Anthropic and other model labs keep repeating a piece of advice that sounds paradoxical the first time you hear it: don't build AI systems to the limitations of current models. The obvious response is — well, what choice do I have? Every system I ship today runs against today's models, with today's context windows, today's latencies, today's failure modes. You can't deploy against a model that doesn't exist yet.

The advice isn't actually telling you to ignore reality. It's drawing a sharper distinction than that, and it's worth unpacking carefully because the cost of getting it wrong shows up months later as architectural debt that prevents you from benefiting when the underlying capability arrives.

The single most useful framing is this:

Build systems that become simpler as models improve — not systems that only exist because models are weak today.

That's the test. Everything else follows from it.

Stable Constraints vs Temporary Limitations

The mistake teams make is treating "what the model can't do today" as a fixed engineering constraint, the same way they'd treat "this database can't do joins" or "this API rate-limits at 100 req/s". Model capabilities don't behave like that. They move on a fairly predictable curve — context windows, reasoning depth, instruction following, tool use, latency, cost per token — and the things that look like hard limits today have a habit of evaporating in six to twelve months.

So the architecturally important question isn't "what can the model not do?" — it's "is this thing I'm working around a stable property of LLMs, or a temporary property of this LLM?"

Stable constraints — the things worth designing around — include:

  • Models are probabilistic, not deterministic
  • Context windows are finite (whatever the size today)
  • Hallucinations exist and need to be detected, not prayed away
  • Token costs and latency are real budget items
  • Tool use is more reliable than free-form generation for high-stakes tasks
  • Humans need verification loops in regulated and high-trust domains
  • Retrieval is generally cheaper and more controllable than fine-tuning
  • Structured outputs (typed schemas, validators) outperform "magic prompts"

These are architectural truths. Building robust pipelines around them — schemas, retrieval layers, validation, audit logs, human approval steps — is durable engineering. Those investments compound across model generations.

Temporary limitations — the things to avoid baking into your architecture — are the ones that came from a specific model's quirks at a specific moment in time. Most prompt-engineering folklore lives here. So do most multi-agent gymnastics, most aggressive context-trimming pipelines, and most hand-rolled chain-of-thought scaffolding.

Patterns That Age Badly

A few specific patterns that show up repeatedly in code that's two model generations old:

Aggressive context trimming and "RAG everything". A year or two ago, with 8k context, every system needed elaborate retrieval pipelines just to fit relevant information into the window. Teams that built their entire product identity around that retrieval cleverness now find that 200k+ context windows make a lot of it unnecessary — but their architecture is welded to the old assumption. Retrieval still matters; the brittle chunking, summarisation trees, and many-agent decomposition built around the old window does not.

Hardcoded chain-of-thought scaffolding. Manually decomposing every task into sub-prompts because the model couldn't reason multi-step on its own. Newer models with extended thinking handle this internally; the scaffolding becomes pure overhead, and worse, it prevents the model from reasoning across the whole problem.

Routing to small models out of fear. Building elaborate intent routers because you're convinced the smart model is too slow or too expensive for everything. Sometimes that's correct — routing is a real optimisation. The anti-pattern is when routing exists only because you don't trust the smart model, and the routing logic itself is doing work the smart model could now do natively.

Tool-call orchestration the model could just do. Hand-coded state machines for "first call tool A, then if X call tool B" when modern models can plan that themselves given the tools and a goal. The orchestration code looked impressive when it shipped; now it's a wall between you and the model's native planning ability.

Multi-agent over-engineering. Through 2024–2025, a generation of systems shipped with planner agents, reviewer agents, validator agents, critic agents, and manager agents — fifteen LLM calls per user message, cascading errors, fragmented context, undebuggable. Anthropic and others have since shifted toward simpler agent loops with composable skills and deterministic scaffolding around the model rather than magical orchestration of the model.

Prompt superstition. "Claude only works with this exact XML format." "GPT only does the right thing if I phrase it as a memo from the CEO." "This hidden CoT trick boosts accuracy 18%." Then the next model release breaks it, and you can't tell whether your eval regression is the model being worse or your prompt being out of date.

The common thread: each of these started as a sensible accommodation for a specific weakness. The failure isn't making the accommodation — it's letting the accommodation become a load-bearing architectural commitment.

Patterns That Age Well

The flip side. These hold their value across model generations because they're not betting on what the model can't do — they're betting on the interface between your system and the model staying useful:

Capability abstraction via tools and resources. Instead of writing long prompts that explain how a model should interact with your data, expose the data and operations as tools with typed schemas. The model only needs to know the tool exists and what it does. As models get smarter, they get better at deciding when to call it. Your underlying infrastructure stays a stable API — and protocols like the Model Context Protocol make that abstraction portable across hosts.

High-level objectives over prompt chains. Many current systems use sequential prompt chains to force a model through a reasoning path it can't handle in one shot. Designing for high-level objectives — give the model the full context and the goal, let it plan — means that as the model's reasoning improves, it gets better automatically. Building chain logic into your code makes it harder to swap in a more capable model later.

Investment in the agent–computer interface. Anthropic has been explicit that the way an agent interacts with a system matters more than raw model intelligence. A clean structured JSON schema for points of interest is more valuable than asking the model to "describe the map". Standardise the interface and a smarter model navigates your system more reliably without you changing a line of code.

External verification, not internal correction. Current models often need a "critic" prompt to check their own work. The future-proof version is external verification — unit tests, linters, schema validators, citation checks. Instead of asking the model to "be better", give it the result of a failed test. That creates a loop that scales with the model: a smarter model fixes the test faster, but the test infrastructure is a permanent asset.

Evaluation suites tied to the model surface. This is the mechanism that lets you exploit model improvements without rebuilding. Without evals, you can't safely upgrade even when better models ship — so you stay frozen on whatever crufty prompts worked at launch. With evals, swapping a model is a config change followed by an eval run.

Model-agnostic, swappable providers. Treating model choice as a per-task slot rather than a global commitment means you can shift workloads between vendors as cost, latency, and capability move. The slot system is itself an architectural asset.

The Litmus Test

When you're not sure whether a piece of your system is durable or disposable, run this test:

If the next-generation model came out tomorrow and was twice as capable at half the cost, how much of my system would I have to redesign to take advantage?

If the answer is "swap the model string and re-run evals", you're in good shape. The system is positioned to exploit improvements rather than be threatened by them.

If the answer is "a lot — the routing logic, the chain decomposition, the multi-agent orchestration, the bespoke prompt format" — you've overfit to current limitations. The work you did to make today's model perform is the same work that prevents tomorrow's model from performing better.

There's a related test for individual workarounds: if this weakness disappears in the next model release, does my code get smaller, or does it stay the same? Workarounds that get deleted on upgrade are healthy. Workarounds that linger because they've grown roots into other parts of the system are debt.

Where the Advice Has Limits

This isn't a permission slip to ignore production constraints. Latency budgets are real. Cost ceilings are real. Output determinism for downstream systems is real. The specific shape of what works today is real, and pretending otherwise ships a bad product.

The pragmatic accommodations — a fast cheap model for high-frequency classification, temperature: 0 for deterministic structured output, tool-choice forced for intents where you cannot tolerate the model picking wrong — these are not the anti-pattern. They're shaped by what works, and they're easy to revisit per-component as models change.

The anti-pattern is when those accommodations stop being local and start being load-bearing. A useful discipline: isolate every model-quirk-driven decision into a single module that can be cleanly deleted when the next generation arrives. If the workaround is one file with one function, you can rip it out in an afternoon. If it's diffused across the routing layer, the prompt assembler, the post-processor, and the tool definitions, you can't.

What This Looks Like in Practice

For a typical production AI system — say, a Next.js app with Supabase, a vector store, and a document pipeline — future-proofing tends to mean preferring a particular shape of architecture:

Avoid: giant fragile prompt chains, hardcoded agent hierarchies, model-specific phrasing tricks, excessive chunk orchestration, custom in-prompt memory schemes, hand-coded "if intent is X then call tool Y" routers wherever the model could plausibly do it itself.

Prefer: clean document and ingestion pipelines, strong metadata extraction, deterministic preprocessing, retrieval as a tool the model calls when it needs context, swappable model providers behind a slot abstraction, eval suites tied to your real fixtures, typed outputs, and human review checkpoints where the stakes warrant them.

The architecture below survives better models, larger context windows, cheaper inference, and improved tool use, because it's based on durable system properties rather than compensation for temporary weaknesses:

Input
Preprocessing + PII redaction (deterministic)
Structured indexing (durable)
Retrieval (tool the model calls)
LLM reasoning (model slot — swappable)
External verification + citations (durable)
Human approval (where stakes warrant)

Every box is either deterministic infrastructure or a swappable model surface. There's no "clever scaffolding" tier in the middle that locks the design to a specific model generation.

The Mindset Shift

The deeper move here is one of orientation. Traditional software engineering optimises against constraints that are stable for years. AI engineering is optimising against a target that's moving on a 6–12 month cadence — and frequently the right answer is to not solve a problem the labs are about to solve for you.

Stop asking "what can today's model not do?" and start asking "if models become substantially better next year, will my architecture get simpler or get obsolete?"

The systems that age well are modular, retrieval-aware, tool-oriented, eval-driven, and built as thin orchestration layers over an increasingly capable model. The model is a component, not the whole fragile thing. The pipeline does what pipelines have always done — clean inputs, structure data, validate outputs, surface for humans where it matters — and the LLM does the part where intelligence is genuinely the bottleneck.

That's the whole principle. Build systems that get simpler as models improve, isolate the workarounds that don't, and re-test on every model release. The hard part isn't writing the code — it's having the discipline to delete the scaffolding once the model can do without it.

This is the architectural principle behind every AI system Orbital builds for clients. Designing the model surface as if the next generation already exists, isolating the temporary accommodations, and tying the whole thing to an eval suite that converts model upgrades from a risk into a release mechanism. See how this plays out in the CTI architecture review →

AiDevelopment