I was concerned about duplicating code, but the more I thought about it, it seems that Test::Taint really obviates both Taint distributions. It seems to me that the only time you would want to taint data would be in testing, which of course this covers. Thoughts?
Here's an example:
use Test::Taint tests=>4;
taint_checking_ok(); # We have to have taint checking on
my $id = "deadbeef"; # Dummy session ID
taint( $id ); # Simulate it coming in from the web
tainted_ok( $id );
$id = validate_id( $id ); # Your routine to check the $id
untainted_ok( $id ); # Did it come back clean?
ok( defined $id );