I'm using Image::Grab library for downloading images from the web to my host. How can I make sure, that these images are normal images, not hidden scripts or other troublemaking files?

So, the real questions are

identify real file type, site:metacpan.org identify real file type

prevent script execution, site:metacpan.org prevent script execution

So eventually you should find mimetype - Determine file type, exiftool - Read and write meta information in files

and chmod, chmod

That seems to cover everything :)