Can java dsl `Expression.s()` be considered as safe for passing user inputs?

Hi,

I’m writing a simple search endpoint that relies on N1QL pattern matching features.

As I didn’t found the REGEXP_LIKE instruction in the DSL (did I miss it ?), I had to go with a Expression.x which I assume to be unsafe.

What I did is wrapping user inputs in a Expression.s in order to protect from injections.

Can I be confident enough with this approach or should I be concerned ?

Example

private static Expression userLastNameMatches(RegexpSearchQueryTerm term) {
        return Expression.x(
            "REGEXP_LIKE(" +
                "lastname, " +
                Expression.s(term.toString())
                + ")"
        );
    }