Sometimes you will have to write raw SQL in Prisma, because you cannot create all queries. A perfect example is Search implementation in SQL. Prisma allows you to write raw SQL queries using prisma.$queryRaw. It supports Parameterised queries which help you to prevent SQL injection.
const ships = await prisma.$queryRaq`
SELECT name, username from User WHERE user.id = ${params.userId};
` The only problem with writing raw SQL in Prisma is that it always returns undefined type. For that reason, you have to use zod to check whether or not it returns what you expect.