Is there a better way to check for taintedness of a variable, say with a CPAN module (or some internal Perl thing I can check if I create my own XS module)?
The immediate solution that comes to my mind is to use Scalar::Util which belongs to core since 5.7.3 and its tainted function. From the module's documentation:
=item tainted EXPR
Return true if the result of EXPR is tainted
$taint = tainted("constant"); # false
$taint = tainted($ENV{PWD}); # true if running under -T
You may learn more about in the sections of perlsec devoted to tainting. You will find there the expression mentioned by Anno at Re^2: Checking to see if Taint mode is enabled and the recommendation for Scalar::Util::tainted (also mentioned in the same node) if you're using 5.8.0 or later.