My colleague Brent offers some more details on the intricacies of Laravel's query builder.

I recently learned that not all query builder functionality in Laravel is "safe". This means that user input shouldn't be passed directly to it, as it might expose your application to SQL injection vulnerabilities.

https://stitcher.io/blog/unsafe-sql-functions-in-laravel