Apply suggestions from code review

Co-authored-by: Ben Ahmady <[email protected]>

Author: geoffw0

swift/ql/src/queries/Security/CWE-089/SqlInjection.qhelp

@@ -12,13 +12,13 @@ If a database query (such as a SQL query) is built from user-provided data witho
 <recommendation>
 
 <p>
-Most database connector libraries offer a way of safely embedding untrusted data into a query by means of query parameters or prepared statements. Use these features rather than building queries by string concatenation or similar methods without sufficient sanitization.
+Most database connector libraries offer a way to safely embed untrusted data into a query using query parameters or prepared statements. You should use these features to build queries, rather than string concatenation or similar methods without sufficient sanitization.
 </p>
 
 </recommendation>
 <example>
 
-<p>In the following example, a SQL query is prepared using string interpolation to directly include a user-controlled value <code>userControlledString</code> in the query. An attacker could craft <code>userControlledString</code> in such a way as to change the overall meaning of the SQL query.
+<p>In the following example, a SQL query is prepared using string interpolation to directly include a user-controlled value <code>userControlledString</code> in the query. An attacker could craft <code>userControlledString</code> to change the overall meaning of the SQL query.
 </p>
 
 <sample src="SqlInjectionBad.swift" />