Can the PHP SQLite bindings' prepared statements be trusted to handle unscrubbed input?

Question

I\'m using prepared queries with PHP 7:

$db = new SQLite3( \'foobars.db\' );
$stmt = $db->prepare(\'SELECT foo FROM foobars WHERE bar=:bar\');
$stmt->bi