They should have been using prepared statements

Watch me stir up a hornet’s nest… Ideally, mechanisms like DatabaseRecord (for inserts) and RecordSet (for updates) should yield the same safety with less error-prone simplicity.

RecordSets do use prepared statements.

And I believe DatabaseRecord does as well.