query: Security/CWE-094/ExpressionInjection.ql