Add query documentation header

java/ql/src/Security/CWE/CWE-036/OpenStream.ql

@@ -1,3 +1,11 @@
+/**
+ * @name Calling openStream on URLs created from remote source can lead to file disclosure
+ * @description If openStream is called on a java.net.URL, that was created from a remote source
+ *              an attacker can try to pass absolute URLs starting with file:// or jar:// to access
+ *              local resources in addition to remote ones.
+ * @kind path-problem
+ */
+
 import java
 import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.dataflow.FlowSources