diff --git a/lib/Zarn/AST.pm b/lib/Zarn/AST.pm
index 4a60203..9ad6180 100644
--- a/lib/Zarn/AST.pm
+++ b/lib/Zarn/AST.pm
@@ -5,7 +5,7 @@ package Zarn::AST {
 use PPI::Find;
 use PPI::Document;
- our $VERSION = '0.0.2';
+ our $VERSION = '0.0.4';
 sub new {
 my ($self, $parameters) = @_;
@@ -36,11 +36,24 @@ package Zarn::AST {
 # this is a draft source-to-sink function
 if (defined $next_element && ref $next_element && $next_element -> content() =~ /[\$\@\%](\w+)/xms) {
 # perform taint analyis
- my $var_token = $document -> find_first (
- sub { $_[1] -> isa("PPI::Token::Symbol") and $_[1] -> content eq "\$$1" } );
+ my $var_token = $document -> find_first (
+ sub {
+ $_[1] -> isa("PPI::Token::Symbol") and
+ ($_[1] ->content eq "\$$1" or $_[1] -> content eq "\@$1" or $_[1] -> content eq "\%$1")
+ } );
 if ($var_token && $var_token -> can("parent")) {
+ my @childrens = $var_token -> parent -> children;
+
+ if (grep { # verifyng if the variable is a fixed string or a number
+ $_ -> isa("PPI::Token::Quote::Double") ||
+ $_ -> isa("PPI::Token::Quote::Single") ||
+ $_ -> isa("PPI::Token::Number")
+ } @childrens) {
+ next;
+ }
+ + if (( $var_token -> parent -> isa("PPI::Token::Operator") || $var_token -> parent -> isa("PPI::Statement::Expression")
diff --git a/samples/code-injection.pl b/samples/code-injection.pl
new file mode 100644
index 0000000..129bcf7
--- /dev/null
+++ b/samples/code-injection.pl
@@ -0,0 +1,13 @@
+#!/usr/bin/perl
+
+use 5.018;
+use strict;
+use warnings;
+
+sub main {
+ my $name = $ARGV[0];
+
+ system ("echo Hello World! $name");
+}
+
+exit main();
\ No newline at end of file
diff --git a/samples/false-positive.pl b/samples/false-positive.pl
new file mode 100644
index 0000000..18eddd3
--- /dev/null
+++ b/samples/false-positive.pl
@@ -0,0 +1,13 @@
+#!/usr/bin/perl
+
+use 5.018;
+use strict;
+use warnings;
+
+sub main {
+ my $name = "Zarn";
+
+ system ("echo Hello World! $name");
+}
+
+exit main();
\ No newline at end of file
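Review bot: The new literal check (the `grep` over `@childrens` in front of the `if ((` branch) suppresses the sink whenever any string or number token appears anywhere in the statement that declares the variable, so `my $name = "user: " . $ARGV[0];` or `my $name = $ARGV[0] // "anon";` is treated as safe although the sink still receives argv-controlled data, and a double-quoted literal that interpolates another variable is skipped the same way. The constant test should only fire when the literal is the whole right-hand side: no other PPI::Token::Symbol in the statement, and no interpolation inside a double-quoted string (PPI::Token::Quote::Double exposes an `interpolations` method for that, as far as I recall; confirm against the pinned PPI). Separately, `find_first` yields the first occurrence of the symbol in the whole document, not necessarily the assignment that reaches this sink, which deserves a `# FIXME: first occurrence only; a later reassignment is not examined` next to the `find_first` call. The loop that `next` leaves and the body of the `if ((` branch lie outside the hunk.
```perl
# … unchanged: find_first over the symbol …
my @childrens = $var_token -> parent -> children;

# Only a literal that IS the whole right-hand side makes the variable constant;
# "prefix" . $ARGV[0] or an interpolating "...$x..." must still reach the sink check.
my $has_literal = grep {
    ($_ -> isa("PPI::Token::Quote::Double") && !$_ -> interpolations) ||
    $_ -> isa("PPI::Token::Quote::Single") ||
    $_ -> isa("PPI::Token::Number")
} @childrens;
my $has_other_symbol = grep {
    $_ -> isa("PPI::Token::Symbol") && $_ -> content ne $var_token -> content
} @childrens;

next if $has_literal && !$has_other_symbol;
# … unchanged: parent-type check …
```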
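Review bot: Nothing in samples/code-injection.pl states that the `system` call is vulnerable on purpose or what the scanner is expected to report, so a reader or an automated linter could "fix" the fixture and silently break the test it represents. A comment above the call such as `# Intentionally vulnerable: $name comes straight from @ARGV and is interpolated into a single-string system() call, which Perl hands to the shell; Zarn is expected to report this sink.` makes the intent explicit. If the sample is also meant to be run by hand, a second line `# Never copy this pattern; use the list form system("echo", "Hello World!", $name).` keeps the lesson from being lost.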
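Review bot: samples/false-positive.pl only covers the case where the whole right-hand side of the assignment is a literal, which is exactly the shape the new `grep` in Zarn::AST handles, and says nothing about the expected outcome. A header comment `# Expected: no finding; $name is a fixed string, so the system() argument is fully controlled by the program.` would pin that down. A sibling fixture with `my $name = "user: " . $ARGV[0];` feeding the same `system` call would document the boundary of the heuristic, since that statement contains a literal and tainted input at the same time and should still be reported.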
diff --git a/tools/graph.pl b/tools/graph.pl
new file mode 100644
index 0000000..57aa019
--- /dev/null
+++ b/tools/graph.pl
@@ -0,0 +1,21 @@
+#!/usr/bin/env perl
+
+use 5.018;
+use strict;
+use warnings;
+use Devel::Graph;
+
+sub main {
+ my $file = $ARGV[0];
+
+ if ($file) {
+ my $grapher = Devel::Graph -> new();
+ my $decompose = $grapher -> decompose ($file);
+
+ print $decompose -> as_ascii();
+ }
+
+ return 0;
+}
+
+exit main();
\ No newline at end of file
diff --git a/tools/view-ast.pl b/tools/view-ast.pl
new file mode 100644
index 0000000..44efe68
--- /dev/null
+++ b/tools/view-ast.pl
@@ -0,0 +1,18 @@
+#!/usr/bin/env perl
+
+use 5.030;
+use strict;
+use warnings;
+use PPI;
+use Data::Dumper;
+
+sub main {
+ my $file = $ARGV[0];
+
+ if ($file) {
+ my $document = PPI::Document -> new($file);
+ print Dumper($document);
+ }
+}
+
+main();
\ No newline at end of file
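Review bot: In tools/graph.pl, `main` returns 0 when `@ARGV` is empty, so a mistyped invocation prints nothing and still looks like success to a caller or a shell pipeline; replacing the `if ($file)` guard with `die "usage: $0 FILE\n" unless defined $file;` gives a non-zero exit and an explanation. The value returned by `$grapher -> decompose ($file)` is used without a check; if Devel::Graph signals an unreadable or unparsable file by returning undef rather than dying (I have not verified which), `as_ascii` would then fail with an unhelpful "on an undefined value" message, so a `or die` after the call is cheap insurance. The same commit pins `use 5.030` in tools/view-ast.pl but `use 5.018` here; one minimum version across the tools would be cleaner.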
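Review bot: In tools/view-ast.pl, `PPI::Document -> new($file)` returns undef when the file cannot be read or parsed (PPI keeps the reason in `PPI::Document->errstr`, as far as I recall), and the script then prints `$VAR1 = undef;` and exits 0, which is easy to mistake for an empty document. Change the line to `my $document = PPI::Document -> new($file) or die "cannot parse $file: " . PPI::Document -> errstr . "\n";`. Like graph.pl, a missing argument ends silently, and this script calls `main();` without `exit` and without a return value whereas graph.pl uses `exit main();`; aligning the two (explicit `return 0;` and `exit main();`) keeps the tools' exit status meaningful.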