Tie::Trace - easy print debugging with tie, for watching variable

But, FWIW, "taint" is about system calls (perlsec), it won't save you from sql injection (bobby-tables.com: A guide to preventing SQL injection in Perl)... X-Forwarded-For isn't likely to be involved where taint would complain

Essential CGI Security Practices,CGI/Perl Taint Mode FAQ, Tutorials: Security in CGI Programming, Think beyond Taint and warnings ...