diff --git a/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/FlowAfterFree.qll b/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/FlowAfterFree.qll
index 3890861742ef..3172b6e35622 100644
--- a/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/FlowAfterFree.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/FlowAfterFree.qll
@@ -28,10 +28,13 @@ predicate strictlyDominates(IRBlock b1, int i1, IRBlock b2, int i2) {
 b1.strictlyDominates(b2)
 }
 
+/**
+ * The signature for a module that is used to specify the inputs to the `FlowFromFree` module.
+ */
 signature module FlowFromFreeParamSig {
 /**
- * Signature for a predicate that holds if `n.asExpr() = e` and `n` is a sink in
- * the `FlowFromFreeConfig` module.
+ * Holds if `n.asExpr() = e` and `n` is a sink in the `FlowFromFreeConfig`
+ * module.
 */
 predicate isSink(DataFlow::Node n, Expr e);
 
@@ -60,7 +63,7 @@ signature module FlowFromFreeParamSig {
 * 2. The sink post-dominates the source.
 */
 module FlowFromFree {
- module FlowFromFreeConfig implements DataFlow::StateConfigSig {
+ private module FlowFromFreeConfig implements DataFlow::StateConfigSig {
 class FlowState instanceof Expr {
 FlowState() { isFree(_, _, this, _) }
 
diff --git a/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll b/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
index b98f64c3f9fd..15872bd11f59 100644
--- a/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
+++ b/cpp/ql/lib/semmle/code/cpp/security/flowafterfree/UseAfterFree.qll
@@ -41,10 +41,10 @@ predicate isUse0(Expr e) {
 )
 }
 
-module ParameterSinks {
+private module ParameterSinks {
 import semmle.code.cpp.ir.ValueNumbering
 
- predicate flowsToUse(DataFlow::Node n) {
+ private predicate flowsToUse(DataFlow::Node n) {
 isUse0(n.asExpr())
 or
 exists(DataFlow::Node succ |
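Review bot: The rewritten QLDoc on `isSink` in `FlowFromFreeParamSig` (hunk `-28,10` of `FlowAfterFree.qll`) still defines the sink in terms of `FlowFromFreeConfig`, which the next hunk of the same file makes `private`, so anyone implementing the signature is referred to a module they can no longer see. Wording the contract against the public module would avoid that, for example `Holds if n.asExpr() = e and n is a sink of the flow computed by FlowFromFree.` with the identifiers kept in code formatting. The signature module's body continues outside the hunk, so its other members' comments are not visible here.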
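Review bot: Marking `FlowFromFreeConfig` as `private` (hunk `-60,7` of `FlowAfterFree.qll`) narrows the public surface of a file under `cpp/ql/lib`, and the visible diff carries no deprecated alias or change note for it. The same applies to `ParameterSinks` and `flowsToUse` in the `UseAfterFree.qll` hunk at `-41,10`, and to `IsUse` in the hunk at `-131,9`. Any query outside this library that referred to those names would presumably stop compiling, which for a use-after-free library means a custom detection fails to run at all. If the names were never meant to be public, a one-line change note saying so is enough; such a note may exist in a part of the commit not shown here. The body of `FlowFromFree` continues past the hunk.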
@@ -131,9 +131,15 @@ module ParameterSinks {
 }
 }
 
-module IsUse {
+private module IsUse {
 private import semmle.code.cpp.ir.dataflow.internal.DataFlowImplCommon
 
+ /**
+ * Holds if `n` represents the expression `e`, and `e` is a pointer that is
+ * guarenteed to be dereferenced (either because it's an operand of a
+ * dereference operation, or because it's an argument to a function that
+ * always dereferences the parameter).
+ */
 predicate isUse(DataFlow::Node n, Expr e) {
 isUse0(e) and n.asExpr() = e
 or
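Review bot: The QLDoc added above `isUse` misspells "guaranteed"; the second comment line should read `* guaranteed to be dereferenced (either because it's an operand of a`. With `IsUse` now `private`, it is also worth confirming that `isUse` is still exported to the queries that call it. That is presumably done by an import of the module after its closing brace, which lies outside this hunk, as does the rest of the predicate body.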