diff --git a/java/ql/test/query-tests/security/CWE-094/APKInstallation.java b/java/ql/test/query-tests/security/CWE-094/APKInstallation.java
index 57b893fe36f..6094a967fdf 100644
--- a/java/ql/test/query-tests/security/CWE-094/APKInstallation.java
+++ b/java/ql/test/query-tests/security/CWE-094/APKInstallation.java
@@ -11,7 +11,7 @@ public class APKInstallation extends Activity {
     public void installAPK(String path) {
         // BAD: the path is not checked
         Intent intent = new Intent(Intent.ACTION_VIEW);
-        intent.setDataAndType(Uri.fromFile(new File(path)), "application/vnd.android.package-archive");
+        intent.setDataAndType(Uri.fromFile(new File(path)), "application/vnd.android.package-archive"); // $ hasApkInstallation
         startActivity(intent);
     }
 
@@ -19,7 +19,7 @@ public class APKInstallation extends Activity {
         Intent intent = new Intent(Intent.ACTION_VIEW);
         intent.setType(APK_MIMETYPE);
         // BAD: the path is not checked
-        intent.setData(Uri.fromFile(new File(path)));
+        intent.setData(Uri.fromFile(new File(path))); // $ hasApkInstallation
         startActivity(intent);
     }
 
@@ -27,7 +27,7 @@ public class APKInstallation extends Activity {
         // BAD: file is from external storage
         File file = new File(Environment.getExternalStorageDirectory(), path);
         Intent intent = new Intent(Intent.ACTION_VIEW);
-        intent.setDataAndType(Uri.fromFile(file), APK_MIMETYPE);
+        intent.setDataAndType(Uri.fromFile(file), APK_MIMETYPE); // $ hasApkInstallation
         startActivity(intent);
     }
 
@@ -35,14 +35,14 @@ public class APKInstallation extends Activity {
         // BAD: file is from external storage
         File file = new File(Environment.getExternalStorageDirectory(), path);
         Intent intent = new Intent(Intent.ACTION_INSTALL_PACKAGE);
-        intent.setData(Uri.fromFile(file));
+        intent.setData(Uri.fromFile(file)); // $ hasApkInstallation
         startActivity(intent);
     }
 
     public void installAPKInstallPackageLiteral(String path) {
         File file = new File(Environment.getExternalStorageDirectory(), path);
         Intent intent = new Intent("android.intent.action.INSTALL_PACKAGE");
-        intent.setData(Uri.fromFile(file));
+        intent.setData(Uri.fromFile(file)); // $ hasApkInstallation
         startActivity(intent);
     }
 
@@ -50,7 +50,7 @@ public class APKInstallation extends Activity {
         Intent intent = new Intent(this, OtherActivity.class);
         intent.setAction(Intent.ACTION_VIEW);
         // BAD: the file is from unknown source
-        intent.setData(Uri.fromFile(file));
+        intent.setData(Uri.fromFile(file)); // $ hasApkInstallation
     }
 }
 
diff --git a/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.expected b/java/ql/test/query-tests/security/CWE-094/ApkInstallationTest.expected
new file mode 100644
index 00000000000..e69de29bb2d