Back to articles

The 6 layers under every reliable AI workflow

Six architectural layers — sequencing, parallelism, conflict detection, circuit breakers, context budgets, observability — that separate AI workflows users trust from the ones they babysit.

Applied AI
Agents

Your AI workflow feels brittle and you cannot tell why. The model is fine. The prompts are fine. Yet every other run produces a contradiction, a stale read, or a tool call in the wrong order, and you patch it with another instruction the model half-listens to. The fix is not a better prompt — it is six architectural layers underneath the prompt that the user never sees. Klarna said its AI assistant handled 2.3 million customer conversations in its first month and did work comparable to roughly 700 full-time agents, according to its own press release — a company claim, not independent reporting, but a useful upper bound on what the architecture under a reliable assistant can carry. By the end of this post you will be able to:

  • Name the six hidden layers that decide whether your workflow scales or collapses
  • Spot which layer is missing the next time your assistant feels erratic
  • Predict the three incidents that will hit you as you add autonomy
  • Stop patching reliability with prompt rewrites

Reliability is a system property, not a model property

Once you move past single-turn Q&A, model quality stops being the lever. The failures you see in production — wrong-order tool calls, two writes to the same record, the assistant retrying the same broken path for 30 seconds, a context window so polluted by turn 12 that it forgets the user's actual ask — none of those get better with a smarter model. They get better with structure around the model.

Reliability is a property of how the system is arranged, not which model is inside it. Six layers do the arranging.

1. Sequencing — most workflow failures are ordering failures

Your assistant drafted the email before reading the latest CRM note. It updated the record before resolving which record was the right one. It tried to send before the approval gate fired. The model did the right things in the wrong order, and the user saw the consequence.

Reliable systems do not let any action happen at any time. They encode an explicit order: resolve the target, read current state, gather missing information, prepare the action, request approval if needed, execute, confirm. This reads as slower on paper and runs as faster in production because it eliminates rework.

Rule: if two steps have a real dependency, encode it in the graph, not in the prompt. Prompts forget. Graphs do not.

2. Parallelism — fast on reads, serialised on writes

The same workflow that needs strict ordering on writes can be embarrassingly parallel on reads. Search three sources at once. Fetch four records. Compare options side by side. That work compounds into seconds of real latency saved on every turn.

Parallelism turns dangerous the moment two branches touch the same resource. Two writes to the same entity, a read that depends on an in-flight update, two tool calls competing for the same external session — these are the bugs that show up once a week, never reproduce, and erode user trust faster than any prompt regression.

Rule: parallelise independent reads, serialise anything that writes or has side effects. The boundary is resource ownership, not step count.

3. Conflict detection — the trust feature users never name

No user has ever asked whether your system has conflict detection. They feel the answer in the first ten minutes. A system that avoids stepping on itself feels competent. A system that fires two contradictory updates against the same record feels brittle, and no amount of polish on the reply text recovers that impression.

Conflict detection is one rule: do not let independent-looking steps run together if they are competing over the same record, file, session, account, or stateful environment. It is the cheapest layer to add and the one teams skip most often because the failure mode is invisible until production traffic finds it.

Rule: every shared resource needs an owner during a turn, and only the owner writes.

4. Circuit breakers — knowing when to stop is a mark of maturity

A workflow without stopping logic retries the same failing tool call six times, burns tokens, produces increasingly confused output, and turns a small failure into an incident the support team sees before you do. You have seen this. Every team has.

A circuit breaker is a budget: after N failed attempts on this path, stop, surface the issue, and protect the rest of the system. It costs less than a day to implement and prevents the category of incident where a single broken downstream tool drags an entire workflow into a death spiral.

Rule: every external call needs a retry budget and an exit. No infinite loops.

5. Context budgets — your working set is not free

Long-running workflows accumulate prior messages, tool outputs, intermediate decisions, attachments, and partial plans. If all of that stays in the active context forever, the workflow degrades on its own timeline — slower, noisier, more confused — regardless of input quality.

Reliable systems treat context as a finite resource. They preserve recent high-value turns, compress older material into structured summaries, drop low-value detail, and protect a small set of pinned facts from ever being summarised away. This is the least glamorous layer and one of the highest leverage. A workflow that runs cleanly for 20 turns and a workflow that runs cleanly for 3 differ mostly on this.

Rule: define what is pinned, what is summarised, and what is dropped — before turn one, not turn twelve.

6. Observability — if you cannot answer six questions, you do not control the workflow

When a turn goes wrong, can you answer: what did it try to do, which tools did it call, what succeeded, what failed, how long did each step take, and what did the user actually see? If any of those answers requires you to re-run the conversation and guess, you are not operating the workflow — you are watching it from outside.

Reliable systems log the structure of execution, not just the final output. Step IDs, durations, statuses, tool inputs and outputs, the actual prompt that went to the model on that turn. The investment pays back the first time you have to debug a production incident at 9pm.

Rule: log enough that you can reconstruct any failed turn without re-running it.

What the oracle sees coming

Three predictions for the team that takes these six layers seriously:

  1. Your first conflict-detection incident will look like a race condition and trace to two parallel reasoning paths writing to the same record. It will be intermittent, hard to reproduce, and obvious in hindsight. You will wish you had owner-per-resource enforcement before you wish you had better prompts.
  2. Your context budget will fail silently before it fails loudly. Quality will degrade on long sessions weeks before anyone files a bug, because users blame themselves before they blame the assistant. You need a per-session quality metric, not just a per-turn one.
  3. Your circuit breakers will catch a broken vendor before your monitoring does. The first time a downstream API degrades for 40 minutes, the breaker will trip cleanly, the workflow will degrade gracefully, and you will find out from the breaker dashboard before the vendor's status page updates. That is the day the architecture pays for itself.

The real lesson

Reliable AI workflows are not the product of better prompts or bigger models. They are the product of six deliberate decisions about sequencing, parallelism, conflict detection, circuit breakers, context budgets, and observability. Users never see those layers directly and always feel whether they exist. In production, that feeling is the entire difference between a workflow your team can leave alone and a workflow that needs a human watching it.

If you are running an AI workflow that feels erratic in production, send me one trace from a turn that went wrong and I will tell you which of the six layers above is missing. [email protected].