Just to provide some more context. In my specific case I needed to pass a Uid variable. This is pretty easy to validate before concatenating with the query string.
In cases where the variable is some sort of free-form string originating from a client, it would be very difficult to ensure the upsert query isn’t being injected. Essentially all the same reasons GraphQL variables are supported in standard queries.
But like I said, for Uids this isn’t much of an issue beyond having to prepare the requests a little differently.
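To make the distinction in the post concrete, the following is an added example (not code from the original thread or from the GraphQL/Dgraph project) showing the allowlist check a server can apply to a Uid before concatenating it into an upsert block. It assumes the Uid has the Dgraph-style shape `0x` followed by hex digits; the sample inputs, the `build_upsert_by_uid` helper and the field being set are constructed for illustration.

```python
import re

# Assumption: a Uid is "0x" followed by 1 to 16 hex digits (Dgraph-style).
# Anything outside this shape is rejected before it ever touches the query text.
_UID_RE = re.compile(r"^0x[0-9a-fA-F]{1,16}$")


def is_valid_uid(value: str) -> bool:
    """Allowlist check: True only for a well-formed uid literal."""
    return isinstance(value, str) and _UID_RE.fullmatch(value) is not None


def build_upsert_by_uid(uid: str, new_name: str = "renamed") -> str:
    """Build an upsert block whose only client-supplied part is the uid.

    The uid is validated first, so concatenation is safe here; the value being
    set is a fixed server-side string in this example, not client input.
    """
    if not is_valid_uid(uid):
        raise ValueError(f"rejected uid: {uid!r}")
    return (
        "upsert {\n"
        "  query { u as var(func: uid(" + uid + ")) }\n"
        '  mutation { set { uid(u) <name> "' + new_name + '" . } }\n'
        "}\n"
    )


def classify_inputs(values):
    """Return (accepted, rejected) lists for a batch of candidate uids."""
    accepted, rejected = [], []
    for v in values:
        (accepted if is_valid_uid(v) else rejected).append(v)
    return accepted, rejected


# Constructed sample inputs: two real-looking uids and two free-form strings
# that would break out of the uid(...) function call if concatenated blindly.
SAMPLE_INPUTS = [
    "0x1a",
    "0xDEADBEEF",
    "0x1a)) } mutation { delete { * * * . } }",
    "alice@example.com",
]

if __name__ == "__main__":
    ok, bad = classify_inputs(SAMPLE_INPUTS)
    print("accepted:", ok)
    print("rejected:", bad)
    print(build_upsert_by_uid(ok[0]))
```

The free-form strings are rejected outright rather than escaped: for a value that is not a uid (an email address, a display name) there is no cheap shape check, which is exactly why such values belong in GraphQL variables instead of the query string.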