Investiage potential security issues in the request and response mappings. Those are essentially strings interpolated with end user provided data. Are there ways to secure them like using prepared statements?