The good thing about using sp_executesql is that you can pass the parameter value instead of completely building the string on the fly like this...
DECLARE @SQL NVARCHAR(MAX)
DECLARE @TBL TABLE (i int)
SET @SQL = 'SELECT message_id FROM sys.messages WHERE message_id < @ID'
INSERT INTO @TBL
EXEC sp_executesql @SQL, N'@ID INT' , 1000
SELECT * FROM @TBL