Does Shiny protect from SQL injection attacks?

Shiny provides no special protection from SQL injection attacks. Although many applications are designed to query and store data from a database, the Shiny framework does not provide direct connectivity to the database. It is the R programmer’s responsibility to ensure that they do not pass any text blocks into queries that can be sent to the database in an unsafe fashion.  For more reading on this topic, have a look at http://db.rstudio.com/, and specifically this page on security best practices.