diff --git a/src/cli/decrypt.rs b/src/cli/decrypt.rs
index ccf864c6..ea942cd3 100644
--- a/src/cli/decrypt.rs
+++ b/src/cli/decrypt.rs
@@ -114,7 +114,7 @@ pub struct Command {
     #[clap(
         short = 'x',
         long = "hex",
-        help = "Prints a hexdump (implies --dump)",
+        help = "Prints a hexdump (implies `--dump`)",
     )]
     pub hex: bool,
 }
diff --git a/src/cli/key.rs b/src/cli/key.rs
index 671840ff..b395a079 100644
--- a/src/cli/key.rs
+++ b/src/cli/key.rs
@@ -656,7 +656,7 @@ then that key is used to sign the revocation certificate.",
         help = "The User ID to revoke",
         long_help =
 "The User ID to revoke.  By default, this must exactly match a \
-self-signed User ID.  Use --force to generate a revocation certificate \
+self-signed User ID.  Use `--force` to generate a revocation certificate \
 for a User ID, which is not self signed."
     )]
     pub userid: String,
diff --git a/src/cli/keyring.rs b/src/cli/keyring.rs
index 50bf59d6..a77287b1 100644
--- a/src/cli/keyring.rs
+++ b/src/cli/keyring.rs
@@ -409,7 +409,7 @@ pub struct LintCommand {
     /// certificates that have issues.  This output is intended for
     /// use by scripts.
     ///
-    /// This option implies "--quiet". If you also specify "--fix",
+    /// This option implies `--quiet`. If you also specify `--fix`,
     /// errors will still be printed to stderr, and fixed certificates
     /// will still be emitted to stdout.
     #[arg(short='k', long)]
diff --git a/src/cli/network/dane.rs b/src/cli/network/dane.rs
index 498d1b10..2a2128b6 100644
--- a/src/cli/network/dane.rs
+++ b/src/cli/network/dane.rs
@@ -37,7 +37,7 @@ emitted.  If multiple user IDs map to one email address, then all
 matching user IDs are included in the emitted certificates.
 
 By default, OPENPGPKEY resource records are emitted.  If your DNS
-server doesn't understand those, use --generic to emit generic
+server doesn't understand those, use `--generic` to emit generic
 records instead.",
     after_help =
 "EXAMPLES:
diff --git a/src/cli/verify.rs b/src/cli/verify.rs
index cf327e6e..3bf150ca 100644
--- a/src/cli/verify.rs
+++ b/src/cli/verify.rs
@@ -18,7 +18,7 @@ use super::types::FileOrStdout;
     long_about = "Verifies signed messages or detached signatures
 
 When verifying signed messages, the message is written to stdout or
-the file given to --output.
+the file given to `--output`.
 
 When a detached message is verified, no output is produced.  Detached
 signatures are often used to sign software packages.
diff --git a/src/cli/wot.rs b/src/cli/wot.rs
index 1963fe86..dc2a0653 100644
--- a/src/cli/wot.rs
+++ b/src/cli/wot.rs
@@ -209,7 +209,7 @@ $ sq wot identify --gossip \\
     ///
     /// Even if no bindings are shown, the exit status is 0.
     ///
-    /// If --email is provided, then a pattern matches if it is a case
+    /// If `--email` is provided, then a pattern matches if it is a case
     /// insensitive substring of the email address as-is or the
     /// normalized email address.  Note: unlike the email address, the
     /// pattern is not normalized.  In particular, puny code