@DMehaffy will probably have far more context he can add here but Strapi comes with some sanitization methods.
See Controllers | Strapi Documentation