diff --git a/go/engine/engine.go b/go/engine/engine.go
index 175ffcd..aeb34e9 100644
--- a/go/engine/engine.go
+++ b/go/engine/engine.go
@@ -5,11 +5,16 @@ import (
 	"fmt"
 	"io"
 	"log"
+	"regexp"
 
 	"git.defalsify.org/festive/resource"
 	"git.defalsify.org/festive/state"
 	"git.defalsify.org/festive/vm"
 )
+
+var (
+	inputRegex = regexp.MustCompile("^[a-zA-Z0-9].*$")
+)
 //
 //type Config struct {
 //	FlagCount uint32
@@ -45,6 +50,13 @@ func(en *Engine) Init(sym string, ctx context.Context) error {
 	return nil
 }
 
+func checkInput(input []byte) error {
+	if !inputRegex.Match(input) {
+		return fmt.Errorf("Invalid input format: %s", input)
+	}
+	return nil
+}
+
 // Exec processes user input against the current state of the virtual machine environment.
 //
 // If successfully executed, output of the last execution is available using the WriteResult call.
@@ -56,7 +68,11 @@ func(en *Engine) Init(sym string, ctx context.Context) error {
 // - no current bytecode is available
 // - input processing against bytcode failed
 func (en *Engine) Exec(input []byte, ctx context.Context) (bool, error) {
-	err := en.st.SetInput(input)
+	err := checkInput(input)
+	if err != nil {
+		return false, err
+	}
+	err = en.st.SetInput(input)
 	if err != nil {
 		return false, err
 	}
diff --git a/go/engine/engine_test.go b/go/engine/engine_test.go
index 61a1820..1cad397 100644
--- a/go/engine/engine_test.go
+++ b/go/engine/engine_test.go
@@ -120,3 +120,19 @@ it has more lines
 		t.Fatalf("expected\n\t%s\ngot:\n\t%s\n", expect, b)
 	}
 }
+
+func TestEngineExecInvalidInput(t *testing.T) {
+	st := state.NewState(17).WithCacheSize(1024)
+	generateTestData(t)
+	ctx := context.TODO()
+	rs := NewFsWrapper(dataDir, &st)
+	en := NewEngine(&st, &rs)
+	err := en.Init("root", ctx)
+	if err != nil {
+		t.Fatal(err)
+	}
+	_, err = en.Exec([]byte("_foo"), ctx)
+	if err == nil {
+		t.Fatalf("expected fail on invalid input")
+	}
+}
diff --git a/go/vm/runner_test.go b/go/vm/runner_test.go
index ee55b1e..30bfa2d 100644
--- a/go/vm/runner_test.go
+++ b/go/vm/runner_test.go
@@ -89,8 +89,6 @@ func TestRun(t *testing.T) {
 
 	b := NewLine(nil, MOVE, []string{"foo"}, nil, nil)
 	b = NewLine(b, HALT, nil, nil, nil)
-	//b := []byte{0x00, MOVE, 0x03}
-	//b = append(b, []byte("foo")...)
 	_, err := Run(b, &st, &rs, context.TODO())
 	if err != nil {
 		t.Errorf("run error: %v", err)