What does query builder actually escape?
#1

I'm looking for reliable answers to the following scenario regarding whether or not the data is escaped by query builder:

```php
$this->db->select($evilInput); // pretty sure it is
$this->db->where($evilInput2, "abc"); // I know abc is
$query = $this->db->get($evilInput3);
$count = $query->num_rows();
```

In which of the above scenarios does `$evilInput` need to be escaped manually? The docs are a little iffy on these types of examples.

I know `set()` escapes as well as `$this->db->get('tablename', $escape_this_array);`
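Whatever the query builder does with each argument, the identifier inputs in the post (`$evilInput`, `$evilInput2`, `$evilInput3`) can be checked against an allowlist before they reach it. The following is an added example, not part of the original post or of CodeIgniter; the table and column names, the helper functions and the `$db` parameter (standing in for `$this->db`) are assumptions.

```php
<?php
// Added example: allowlist the identifier inputs before the query builder sees them.
// Table and column names are constructed for illustration.
const ALLOWED = [
    'users'  => ['id', 'email', 'created_at'],
    'orders' => ['id', 'user_id', 'total'],
];

/** Return the table name only if it is a known table. */
function allowedTable(string $input): string
{
    if (!array_key_exists($input, ALLOWED)) {
        throw new InvalidArgumentException("table rejected: $input");
    }
    return $input;
}

/** Split a comma-separated column list and check every entry for this table. */
function allowedColumns(string $table, string $input): array
{
    $columns = array_map('trim', explode(',', $input));
    foreach ($columns as $column) {
        if (!in_array($column, ALLOWED[$table], true)) {
            throw new InvalidArgumentException("column rejected: $column");
        }
    }
    return $columns;
}

/** Hypothetical wrapper; $db is assumed to be the query builder ($this->db). */
function countRows($db, string $select, string $whereColumn, string $tableInput): int
{
    $table   = allowedTable($tableInput);
    $columns = allowedColumns($table, $select);
    $where   = allowedColumns($table, $whereColumn);
    if (count($where) !== 1) {
        throw new InvalidArgumentException('exactly one where column expected');
    }
    $db->select(implode(', ', $columns));
    $db->where($where[0], 'abc'); // the value is still passed as a value, not concatenated
    return $db->get($table)->num_rows();
}

// Constructed inputs exercising the checks without a database connection.
foreach (['id, email', 'password_hash', 'id; --'] as $input) {
    try {
        echo implode('|', allowedColumns(allowedTable('users'), $input)), " accepted\n";
    } catch (InvalidArgumentException $e) {
        echo $e->getMessage(), "\n";
    }
}
```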


Messages In This Thread
What does query builder actually escape? - by alex.fagard - 08-05-2018, 10:22 PM


