SQLite Security

I am currently going through the Javascript API Backend course and I just made it to the SQLite section. I had some questions regarding the use of SQL, specifically within Javascript. Maybe the question will be answered as I proceed through the course, but just knowing how Javascript works, I just have to know.

How does security work when it comes to utilizing SQLite within your Javascript? Javascript is client-side code, meaning anyone accessing a Javascript application can read the code. So if I have defined some queries within the code how does it get obfuscated or hidden so it can’t be manipulated? For example, PHP is server-side code so hiding SQL queries within the language is fine since the files can’t be read by uses accessing the pages.

You wouldn’t give users direct access to your database.
And you said backend, so the user isn’t running that code.