valentine11, 2016-01-22 13:14:25
MySQL

SQL queries in JS code, escape special characters or not?

Good afternoon!
I automate the testing process with Node.js and Selenium-wd.
Before and after test blocks, queries to the database are performed (creating preconditions or clearing the database).
Queries are stored in variables as strings.
There is a problem with single quotes.
Let me explain with an example:

needForReg = 'INSERT INTO `billing_payment_gateway` (--\
             `id`, `name`, `route`, `description`, `is_active`, `is_deleted`--\
       ) VALUES (--\
       1, 'interkassa', 'InterkassaGateway', '', 1, 0);'

Once it reaches 'interkassa', the string is cut off and whatever follows is garbage.
So far I have solved the problem by escaping the quotes:
needForReg = 'INSERT INTO `billing_payment_gateway` (--\
             `id`, `name`, `route`, `description`, `is_active`, `is_deleted`--\
       ) VALUES (--\
       1, \'interkassa\', \'InterkassaGateway\', \'\', 1, 0);'

But this is only part of the query, and there are queries that are much longer; escaping quotes is tiring and generally does not look very good.
You can solve the problem by simply enclosing the query string in double quotes, and I like this idea.
needForReg = "INSERT INTO `billing_payment_gateway` (--\
             `id`, `name`, `route`, `description`, `is_active`, `is_deleted`--\
       ) VALUES (--\
       1, 'interkassa', 'InterkassaGateway', '', 1, 0);"

But is it correct? What about security in this case? Or maybe there are solutions for automatic escaping, if there is no way around it? I'm still finding my way in all this; my knowledge is very superficial.

1 answer
Dmitry Belyaev, 2016-01-22
@bingo347

Double quotes differ from single quotes only in the absence of newlines (you cannot escape a newline).
It is quite possible to put the queries into separate files with the .sql extension; that way the IDE will highlight the syntax.
You can read the files into memory synchronously when the application starts, and to avoid having many files, you can implement a parser so as to keep several queries in one file.
