Is there a list of features in mojoPortal that are utilizing direct or parameterized SQL commands instead of stored procedures to add/edit/delete data in the database (SQL implementation in particular)?

For example: it looks like the code that executes when a Blog post is deleted calls the method "mojoPortal.Data.DBBlog.DeleteAllCommentsForBlog()". This function seems to be doing direct deletes in the database against the table 'mp_BlogComments' rather than calling the available stored procedure on this table. It seems that almost all 'regular' CMS activity against an SQL database is facilitated via stored procedures - this is the first exception I've run into.

I ran across it because we have historically locked down the 'daily access' SQL user accounts that our MojoPortal sites utilize to only have a role with "Execute" permission on stored procedures - since the only time we typically see "direct" access to SQL objects is during setup/installation/upgrade (we run setup under a different SQL user account with full 'dbo' permissions). I can extend this 'daily activity' user account with the restricted permissions to have direct table 'CRUD' access to specific tables if I can identify which we need to loosen the controls around. That said,  from an access control perspective it would be preferable for everything to be consistently using either stored procedures or direct to table parameterized queries (makes our DBA happier).