Thank you Jeff and Grant. These are excellent responses - and to be honest, a little bit differently from what I expected. Basically, from what I'm seeing, the basic CRUD operations should be safe, but all generated T-SQL code needs to be examined and validated. This seems like a good compromise over all data access being done through stored procedures.
Wayne
Microsoft Certified Master: SQL Server 2008
Author - SQL Server T-SQL Recipes