vendredi 5 mars 2021

is it possible to do SQL injection in Node.js with a PostgreSQL database when I use "text" and "values"?

package.json file

{
  "dependencies": {
    "express": "^4.17.1",
    "express-graphql": "^0.12.0",
    "graphql": "^15.5.0",
    "pg": "^8.5.1"
  }
}

My code is

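// Insert `data` into mydatabse.value using a parameterised query.
//
// The SQL text and the parameter values are sent to PostgreSQL separately
// (the `text`/`values` form of client.query), so whatever `data` contains is
// treated purely as the value bound to $1 and cannot change the statement
// itself — that separation is what prevents SQL injection here. Strings are
// sent as-is; pg serialises plain objects to JSON before sending them. The
// protection covers this statement only: once stored, the value is still
// untrusted input if it is later read back and interpolated into another
// query, a shell command or HTML.
//
// Declared as a function declaration instead of an undeclared assignment so
// it is hoisted and does not depend on an implicit global (an implicit global
// assignment throws a ReferenceError in strict mode / ES modules).
//
// The insert is asynchronous: the function returns `"hi " + data` right away,
// before the query has completed, and a failed insert is only logged, never
// reported to the caller. `client` is expected to be a connected pg Client in
// scope.
function database(data) {
  const writeValue = {
    text: "INSERT INTO mydatabse(value) VALUES($1);",
    values: [data],
  };
  client.query(writeValue, (err) => {
    // The original `return err` inside this callback had no effect (the
    // callback's return value is discarded by pg), so it was dropped; the
    // error is still logged so a failed insert is not silently lost.
    if (err) {
      console.error(err);
      console.log("i got an error!!!");
    }
  });
  return "hi " + data;
}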

I can pass a string or an object into data

is there a way to abuse the SQL, or is this always a safe way to prevent SQL injection?



