diff --git a/src/services/open-api-client.js b/src/services/open-api-client.js
index af13edc12..d265c7647 100644
--- a/src/services/open-api-client.js
+++ b/src/services/open-api-client.js
@@ -159,11 +159,14 @@ class OpenApiClient {
       schema = this.getRef(schema.$ref, domain);
     }
 
+    const safeSchema = Object.create(null);
     Object.entries(schema).forEach(([key, value]) => {
-      schema[key] = this.evaluateRefs(value, domain);
+      if (key !== '__proto__' && key !== 'constructor' && key !== 'prototype') {
+        safeSchema[key] = this.evaluateRefs(value, domain);
+      }
     });
 
-    return schema;
+    return safeSchema;
   }
 
   getRef(ref, domain) {