Theydies and gentlethems, let me introduce you to:

The Big List of Naughty Strings - these are snippets of text ("strings" to a computer) that are known to cause different kinds of bad behavior when ingested by a computer with insufficiently robust programming.

The EICAR Test File - this is a string that is designed to be inert (harmless) but also to trigger antivirus reliably.

Since (basically) any string can be encoded as a QR Code, it's easy to pick a few of your favorite strings from the BLNS, render them as QR codes, and get a QR code that you can print on a custom tee like this one which encodes the EICAR file as a QR.

You could also make up a fake URL that has horrible watchlist-triggering words in it, the filthier the better, so that any webservice running on their goggles will now have a user-linked search for "puppygirls fellating filthy clown penises" or whatever.