diff --git a/javascript/ql/lib/semmle/javascript/security/TaintedObject.qll b/javascript/ql/lib/semmle/javascript/security/TaintedObject.qll index 3022bded373..22f253e1423 100644 --- a/javascript/ql/lib/semmle/javascript/security/TaintedObject.qll +++ b/javascript/ql/lib/semmle/javascript/security/TaintedObject.qll @@ -81,7 +81,24 @@ module TaintedObject { /** * A sanitizer guard that blocks deep object taint. */ - abstract class SanitizerGuard extends TaintTracking::LabeledSanitizerGuardNode { } + abstract class SanitizerGuard extends TaintTracking::LabeledSanitizerGuardNode { + /** Holds if this node blocks flow through `e`, provided it evaluates to `outcome`. */ + predicate blocksExpr(boolean outcome, Expr e) { none() } + + /** Holds if this node blocks flow of `label` through `e`, provided it evaluates to `outcome`. */ + predicate blocksExpr(boolean outcome, Expr e, FlowLabel label) { none() } + + override predicate sanitizes(boolean outcome, Expr e, FlowLabel label) { + this.blocksExpr(outcome, e, label) + } + + override predicate sanitizes(boolean outcome, Expr e) { this.blocksExpr(outcome, e) } + } + + /** + * A sanitizer guard that blocks deep object taint. + */ + module SanitizerGuard = DataFlow::MakeLabeledBarrierGuard; /** * A test of form `typeof x === "something"`, preventing `x` from being an object in some cases. @@ -103,7 +120,7 @@ module TaintedObject { ) } - override predicate sanitizes(boolean outcome, Expr e, FlowLabel label) { + override predicate blocksExpr(boolean outcome, Expr e, FlowLabel label) { polarity = outcome and e = operand and label = label() 
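Review bot: The doc comment on the `SanitizerGuard` class still does not say which predicate a subclass is meant to override, and after this hunk that matters: both `blocksExpr` overloads default to `none()` and the two `sanitizes` overrides only forward to them. A guard defined elsewhere that keeps overriding `sanitizes` would presumably contribute nothing to anything built on `blocksExpr` (the new `SanitizerGuard` module looks like such a consumer), and a guard that overrides neither predicate blocks nothing without any warning; the likely result is sanitized flows being reported again rather than a compile error. I would add a sentence to the class comment such as `Subclasses should override one of the blocksExpr predicates; sanitizes only forwards to them.`, and give the module alias its own comment instead of the copied "A sanitizer guard that blocks deep object taint.", stating that it is the barrier-guard form of the class. As shown on this page the alias names `DataFlow::MakeLabeledBarrierGuard` with no module argument, which may be an extraction artefact and is worth checking against the committed file.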
@@ -117,7 +134,7 @@ module TaintedObject { NumberGuard() { TaintTracking::isNumberGuard(this, x, polarity) } - override predicate sanitizes(boolean outcome, Expr e) { e = x and outcome = polarity } + override predicate blocksExpr(boolean outcome, Expr e) { e = x and outcome = polarity } } /** A guard that checks whether an input a valid string identifier using `mongoose.Types.ObjectId.isValid` */ @@ -145,7 +162,7 @@ module TaintedObject { JsonSchemaValidationGuard() { this = call.getAValidationResultAccess(polarity) } - override predicate sanitizes(boolean outcome, Expr e, FlowLabel label) { + override predicate blocksExpr(boolean outcome, Expr e, FlowLabel label) { outcome = polarity and e = call.getInput().asExpr() and label = label()