Hello James,
Command objects were new to version 9, and the intent was to allow any syntax that the database driver would allow through its layer. This means that the CUD of CRUD operations would work through many ODBC drivers. This was done in consultation with major customers' DBAs, who agreed that the onus was on the DBA to ensure that the appropriate user rights would be assigned. These days there are only a handful of drivers that do allow the CUD of CRUD.
Another choice, other than database-level rights and security, is to create the command object in such a way as to prevent SQL injection. In your case you may be able to use a numeric prompt/parameter and then to_text() it in the command, or ensure there is a length mask on the prompt, or ensure in the command that the value does not include the lowercase "delete".
-jamie
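The three prompt checks suggested in the reply (numeric-only value rendered back to text, a length mask, and a rejection of "delete"), modelled as an added example in Python; this is not Crystal Reports code, and the table/column names, the `MAX_PROMPT_LEN` mask and the case-insensitive keyword match are assumptions for illustration.

```python
import re

# Assumed length mask for the prompt: an order id never exceeds 8 digits.
MAX_PROMPT_LEN = 8

# Generalised from the reply's lowercase "delete" check: match case-insensitively.
FORBIDDEN_KEYWORD = "delete"


def to_text(value: int) -> str:
    """Stand-in for the report's to_text(): render the validated integer as decimal text."""
    return str(value)


def check_prompt(raw: str) -> int:
    """Apply the three checks and return the prompt as an int, or raise ValueError."""
    if len(raw) > MAX_PROMPT_LEN:
        raise ValueError("prompt exceeds the length mask")
    if FORBIDDEN_KEYWORD in raw.lower():
        raise ValueError("prompt contains a forbidden keyword")
    # Numeric-only prompt: anything that is not a run of digits is rejected outright,
    # so quotes, semicolons and SQL keywords never reach the command text.
    if not re.fullmatch(r"[0-9]+", raw):
        raise ValueError("prompt is not numeric")
    return int(raw)


def prompt_is_safe(raw: str) -> bool:
    """True when the raw prompt value passes all checks, False otherwise."""
    try:
        check_prompt(raw)
    except ValueError:
        return False
    return True


def build_command(raw_prompt: str) -> str:
    """Build the command SQL from the validated numeric value only (assumed schema)."""
    order_id = check_prompt(raw_prompt)
    return "SELECT order_id, total FROM orders WHERE order_id = " + to_text(order_id)


if __name__ == "__main__":
    # Constructed sample prompt values: one valid, three that fail a different check each.
    for sample in ("42", "123456789", "42abc", "1 DELETE"):
        print(f"{sample!r:>14} -> {'ok' if prompt_is_safe(sample) else 'rejected'}")
```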