diff --git a/ql/src/semmle/go/security/RequestForgery.qll b/ql/src/semmle/go/security/RequestForgery.qll
index 38827b0dfd4..374bdf4a738 100644
--- a/ql/src/semmle/go/security/RequestForgery.qll
+++ b/ql/src/semmle/go/security/RequestForgery.qll
@@ -1,10 +1,18 @@
 /**
  * Provides a taint-tracking configuration for reasoning about request forgery
  * (SSRF) vulnerabilities.
+ *
+ * Note, for performance reasons: only import this file if
+ * `RequestForgery::Configuration` is needed, otherwise
+ * `RequestForgeryCustomizations` should be imported instead.
  */
 
 import go
 
+/**
+ * Provides a taint-tracking configuration for reasoning about request forgery
+ * (SSRF) vulnerabilities.
+ */
 module RequestForgery {
   import RequestForgeryCustomizations::RequestForgery
 
diff --git a/ql/src/semmle/go/security/SafeUrlFlow.qll b/ql/src/semmle/go/security/SafeUrlFlow.qll
index ff14492aa87..11bcbd5dbcb 100644
--- a/ql/src/semmle/go/security/SafeUrlFlow.qll
+++ b/ql/src/semmle/go/security/SafeUrlFlow.qll
@@ -9,6 +9,10 @@
 
 import go
 
+/**
+ * Provides a taint-tracking configuration for reasoning about
+ * safe flow from URLs.
+ */
 module SafeUrlFlow {
   import SafeUrlFlowCustomizations::SafeUrlFlow
 
diff --git a/ql/src/semmle/go/security/SafeUrlFlowCustomizations.qll b/ql/src/semmle/go/security/SafeUrlFlowCustomizations.qll
index 5e2299c2ed3..c73aae7f623 100644
--- a/ql/src/semmle/go/security/SafeUrlFlowCustomizations.qll
+++ b/ql/src/semmle/go/security/SafeUrlFlowCustomizations.qll
@@ -5,6 +5,10 @@
 
 import go
 
+/**
+ * Provides extension points for customizing the taint-tracking configuration for reasoning about
+ * safe URL flow.
+ */
 module SafeUrlFlow {
   /** A sink for safe URL flow. */
   abstract class Sink extends DataFlow::Node { }