why not have a certain base function that sanitizes all of the arguments passed to the module, and then passes the newly sanitized arguments on to the function that was supposed to be called?

That's why I hate these "untaint" modules: they generally are re-opening the hole that tainting is trying to close. Every value needs to be considered individually!

Right, you need to use something that will allow you to specifically validate all of your fields individually. If you want to actually do it right and make your security functionality more than a gesture, you need to use something like Data::FormValidator to specifically check each and every one of your arguments against a regex or lookup. I've seen way to much of this:

# untaint!
$cgi->param('field') ~= m/(.*)/;
$cgi->param('field', $1);
[download]

Are you looking for something like Hook::LexWrap?

Hook::LexWrap in conjunction with Params::Validate or a custom ACL-a-like is really nifty. He might also want to look at my Hook::LexWrap wrapper, Sub::WrapPackages, if he wants to apply his filters to entire classes.

I'm not sure what you're looking for.

If you're parsing command-line arguments, look at the Getopt family of modules. If you're trying to validate parameters passed to your modules' subroutines, you might look at Params::Validate. If you're interested in general data validation, take a look at Data::Validate and its relatives.

Of course, if your concern is trusting user input (which seems likely given that you mention security), you may want to combine one or more of the above with using perl's -T switch to turn on taint mode (see perlsec). This will cause errors to be thrown whenever a script/module attempts to do something potentially insecure with user-supplied ("tainted") data.

The Untaint module might be helpful in the way of building your "sanitizers".