Avoid SQL injection in Postgres sql dynamic query using Dapper