A Founder's Note on Why Bolted-on AI becomes Product Debt
-converted-from-svg.png)
Every product team is under pressure to ship "an AI layer" right now. In most cases, that means an icon in the corner, a chat panel on the side, and a model fed far too much context in the hope that it says something useful.
It looks impressive in a demo. It also has a familiar smell to anyone who has built software for a living. It ships quickly, masks a structural problem, and gets more expensive every quarter. In other words: debt.
I have started thinking of this as AI debt.
I am writing this now because we are about to launch FileSpin AI Agent in the coming days. Before we do, I want to put down in writing how we think about the trap most teams are walking into, and the choices we made to avoid it.
What AI debt looks like
It usually shows up in four places.
Context overloading: The product keeps stuffing more into the prompt: help docs, schemas, manuals, user history, UI state, stray examples, half the database. It works for a while. Then latency climbs, cost climbs with it, and nobody can explain which part of the context was actually necessary.
Tool sprawl: Every internal operation gets exposed to the model and called "agentic." No clear task boundary. No obvious limit on what the AI is meant to do. The user gets something that feels powerful right up until it does the wrong thing at scale.
Prompt-as-glue: Business logic starts living in prompt text instead of the product itself. Important rules move out of code and into paragraphs. They become hard to test, hard to version, and even harder to reason about six months later.
Disclaimer as fix: Hallucination is a real phenomenon — part model, part context, part scope. The debt is not that it happens. The debt is when the team's response is to paste a warning label onto the UI rather than tighten the grounding, narrow the task, or keep a human in the loop.
Each of these feels efficient on launch day. Each one quietly kicks the AI Debt down the road to your future team.
Why it behaves like technical debt
Technical debt becomes dangerous when the shortcut stops being local. The same is true here.
Once an AI feature is built on oversized context and vague permissions, every new capability inherits the mess. A simple workflow becomes a complicated one. A narrow assistant becomes a pseudo-operator with no clear contract. The model starts carrying responsibility that should have stayed in the product.
Then the familiar symptoms appear. The team cannot predict behaviour with confidence. Costs are hard to forecast. Performance gets worse as features are added. Trust drops. Eventually someone has to rebuild the whole thing, usually while explaining to customers why the clever demo from last year is now an operational liability.
The point is not that AI creates debt by default. The point is that bad product architecture creates debt, and AI is a very efficient way to multiply it.
The architecture choice we made at FileSpin
We are about to put our own AI feature into customers' hands. Because of that, I want to be explicit about the shape of it.
We did not build the FileSpin AI Agent as a chatbot that explains the product. We built it as an execution layer inside the dashboard — something that uses the product on the user's behalf rather than describing it. A chatbot answers questions about the software. An agent operates the software. We chose the second.
A few principles fell out of that choice:
- Scoped context, not a dump. The agent works from what the user is actually doing — the current page, the selected assets, the active filters — not from a firehose of everything FileSpin knows.
- Permissions stay in the product. The agent inherits the authenticated user's RBAC. It cannot do anything the user could not do manually. Control lives in the product, not in an optimistic prompt.
- Audited like any other user action. Every action the agent takes logs under that user's account, indistinguishable from work done by clicking. Compliance teams see no gap.
- Same foundation as our MCP Connector. External agents like Claude, ChatGPT, and Mistral already operate against FileSpin through the MCP Connector. The dashboard agent uses the same constrained primitives. We did not build a separate AI backdoor.
I'll give you the full product story on what it does, how it feels, where it is and isn't in the launch post. This one is about why it is shaped the way it is.
Practical takeaway
If your team is shipping AI features this year, ask three questions before you ship anything.
1. What exact workflow is the agent allowed to execute?
If you cannot describe the job in one sentence, the scope is probably too loose. "Helps with content operations" is not a workflow. A specific, bounded task is.
2. What context does it actually need, and what is deliberately excluded?
If the answer is "basically everything," you are not designing context. You are inadvertantly seeding a very large bill. Good AI products are selective. They know what matters for this task and ignore the rest.
3. When the model is wrong, what still stays deterministic?
Permissions should still hold. Audit trail should still hold. The user should still be able to see what happened and review the result. If the whole feature collapses the moment the model makes a bad call, too much of your product is living in the AI layer.
AI debt is the place where product discipline goes to die.
Closing
I do not think AI debt is a reason to move slowly. I think it is a reason to build narrow, useful, load-bearing systems instead of theatrical ones. The teams that win over the coming months and years will be the ones whose AI layer is boring in the right places: scoped, permission-bound, auditable, and attached to real workflows that matter.
That tends to be less glamorous. It also tends to survive contact with production.
Next week, we will show what that looks like in the FileSpin dashboard. Meanwhile, if you are interested in a test drive, do get in touch
