You can use the tainted() function of the Scalar::Util module, available from CPAN (or included with Perl since release 5.8.0). See also perlsec/"Laundering and Detecting Tainted Data".