You'd get the same taint error locally if you used -T locally. The fix is simple: set the PATH to something trusted. For example,

$ENV{PATH} = '';
[download]

or maybe

$ENV{PATH} = '/bin:/usr/bin:/usr/local/bin';
[download]