Too much time, I guess, to feel that I can “trust” anything.

Time well spent. It's not just a good practice to Trust No One, it's a necessity.
I sometimes write:

use strict;
use warning;
#use mistrust qw(paranoia);
[download]

Just to remind myself that there isn't anything I can take for granted.
As for your question, I believe this is what Taint (-T) mode exists for, check perlsec.