Because it actually returns a knex client which should be used with async/await or with .then, otherwise, it is not executed.
So just add async and await and it will work:
for await (const companies of user.companies.map(async (company) => { //added async here
const token = generator.generate({
length: 64,
numbers: true
});
let sql = `UPDATE companies_users__users_companies SET token = "${token}" WHERE user_id = ${user.id} AND company_id = ${company.id}`
const res = await strapi.connections.default.raw(sql); //added await here
}))