Apply suggestions from code review

Co-authored-by: Chris Smowton <smowton@github.com>

ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.qhelp

@@ -8,7 +8,7 @@
 			that allow values to be rendered as-is in the template, avoiding the escaping that all the other strings go
 			through.
 		</p>
-		<p>Using them on user-provided values will result in an XSS.</p>
+		<p>Using them on user-provided values will result in an opportunity for XSS.</p>
 	</overview>
 	<recommendation>
 		<p>

ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql

@@ -42,10 +42,9 @@ class PassthroughTypeName extends string {
  * output of the templates.
  */
 class FlowConfFromUntrustedToPassthroughTypeConversion extends TaintTracking::Configuration {
-  string dstTypeName;
+  PassthroughTypeName dstTypeName;
 
   FlowConfFromUntrustedToPassthroughTypeConversion() {
-    dstTypeName instanceof PassthroughTypeName and
     this = "UntrustedToConversion" + dstTypeName
   }
 
@@ -105,11 +104,10 @@ class FlowConfPassthroughTypeConversionToTemplateExecutionCall extends TaintTrac
     isSourceConversionToPassthroughType(source, _)
   }
 
-  private predicate isSourceConversionToPassthroughType(DataFlow::TypeCastNode source, string name) {
+  private predicate isSourceConversionToPassthroughType(DataFlow::TypeCastNode source, PassthroughTypeName name) {
     exists(Type typ |
       typ = source.getResultType() and
-      typ.getUnderlyingType*().hasQualifiedName("html/template", name) and
-      name instanceof PassthroughTypeName
+      typ.getUnderlyingType*().hasQualifiedName("html/template", name)
     )
   }