Thanks for spreading the word. This isn't the first really dodgy thing I've seen on cpan (e.g. rt://100658), metacpan grep timed out while I searched for similar. Perhaps some work can be done regarding smoke testing, optionally attempting to determine potentially dangerous modules then flag them for review in some way. I'll have a think.