Nit: fix qhelp

java/ql/src/experimental/CWE-094/ScriptEngine.qhelp

@@ -4,16 +4,16 @@
 <qhelp>
 
 <overview>
-<p> The ScriptEngine api is available since the release of Java 6.
-It allows application to interact with script written in language such as JavaScript.</p>
+<p>The ScriptEngine API has been available since the release of Java 6.
+It allows applications to interact with scripts written in languages such as JavaScript.</p>
 </overview>
 
 <recommendation>
-Use "Cloudbees Rhino Sandbox" or sandboxing with SecurityManager or use <a href="https://www.graalvm.org/">graalvm</a> instead
+<p>Use "Cloudbees Rhino Sandbox" or sandboxing with SecurityManager or use <a href="https://www.graalvm.org/">graalvm</a> instead.</p>
 </recommendation>
 
 <example>
-The following code could executes random JavaScript code
+<p>The following code could execute random JavaScript code</p>
 <sample src="ScriptEngine.java" />
 </example>
 

java/ql/src/experimental/CWE-094/ScriptEngine.ql

@@ -1,6 +1,6 @@
 /**
- * @name Script engine eval
- * @description Malicious javascript code could caused arbitrary command execution on OS level
+ * @name ScriptEngine evaluation
+ * @description Malicious Javascript code could cause arbitrary command execution at the OS level
  * @kind path-problem
  * @problem.severity error
  * @precision high
@@ -47,5 +47,5 @@ class ScriptEngineConfiguration extends TaintTracking::Configuration {
 
 from DataFlow::PathNode source, DataFlow::PathNode sink, ScriptEngineConfiguration conf
 where conf.hasFlowPath(source, sink)
-select sink.getNode().(ScriptEngineSink).getMethodAccess(), source, sink, "Script engine eval $@.",
+select sink.getNode().(ScriptEngineSink).getMethodAccess(), source, sink, "ScriptEngine eval $@.",
   source.getNode(), "user input"