Tainted data is data that comes from an unsafe source, such as the command line, or, in the case of web apps, any GET or POST transactions. Read the perlsec man page for details on why tainted data is bad, and how to untaint the data. When you're writing unit tests for code that deals with tainted data, you'll want to have a way to provide tainted data for your routines to handle, and easy ways to check and report on the taintedness of your data, in standard Test::More style.