• Triggers react to DML and DDL events. If some code is susceptible to SQL injection attacks, you would have to predict the form of every possible attack to write triggers for them.

    You prevent SQL injection by using methods that don't permit user-entered text to be executed as commands. Triggers are reactive; they won't run until the attack has already succeeded.
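
The point above, as an added example that is not part of the original post: an audit trigger never fires for an injected read, while a bound parameter keeps the same input from being parsed as SQL at all. It uses Python's built-in `sqlite3`; the table, trigger and function names and the sample rows are constructed for illustration.

```python
import sqlite3

HOSTILE = "x' OR '1'='1"  # constructed sample input

def build_db():
    """In-memory database with constructed rows and a DML audit trigger."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE accounts (owner TEXT, balance INTEGER);
        CREATE TABLE audit (note TEXT);
        INSERT INTO accounts VALUES ('alice', 100), ('bob', 250);
        -- A trigger reacts to DML on the table and to nothing else.
        CREATE TRIGGER accounts_upd AFTER UPDATE ON accounts
        BEGIN
            INSERT INTO audit VALUES ('update on ' || OLD.owner);
        END;
    """)
    return db

def lookup_concatenated(db, owner):
    # Vulnerable: the user's text becomes part of the statement itself.
    sql = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(sql).fetchall()

def lookup_bound(db, owner):
    # Hardened: the value is bound as data and is never parsed as SQL.
    sql = "SELECT owner, balance FROM accounts WHERE owner = ?"
    return db.execute(sql, (owner,)).fetchall()

def audit_rows(db):
    return db.execute("SELECT COUNT(*) FROM audit").fetchone()[0]

if __name__ == "__main__":
    db = build_db()
    print("concatenated:", lookup_concatenated(db, HOSTILE))  # every row
    print("audit rows after injected read:", audit_rows(db))  # trigger silent
    print("bound:", lookup_bound(db, HOSTILE))                # no match
    db.execute("UPDATE accounts SET balance = 0 WHERE owner = ?", ("bob",))
    # The trigger fires only now, after the row has already been changed.
    print("audit rows after update:", audit_rows(db))
```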