diff --git a/index.js b/index.js index ea606da..4e1ad90 100644 --- a/index.js +++ b/index.js @@ -135,6 +135,20 @@ hashmap.apply = function(_, keyvals) { exports.assocInM = assocInM function assocInM(obj, keys, value) { + /* + `Object.create()` to set the object to not have any prototype + to prevent prototype pollution attacks + */ + obj = Object.create(obj) + Object.freeze(obj.prototype); + + keys = keys.filter(function(item) { + var protoMod = item.includes("proto") + if (protoMod) + console.log("[!] prototype modification is potentially dangerous."); + return !protoMod; + }) + var ret = obj , key
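Review bot: The guard added at the top of `assocInM` does not do what its comment says: `Object.create(obj)` returns a new object whose prototype is `obj` (a prototype-less object would be `Object.create(null)`), so later writes presumably land on that wrapper instead of the caller's object. `Object.freeze(obj.prototype)` is a no-op for plain objects because `obj.prototype` is `undefined`. The filter `item.includes("proto")` is a substring test: it drops legitimate keys such as `protocol`, does not cover `constructor`, and would throw if a key is a number; silently removing a key also shortens the path, so the value is written at a different location instead of the call being rejected. I would drop the `Object.create`/`Object.freeze` lines and the `console.log`, and refuse the whole path on an exact match, e.g. `if (keys.some(function (k) { return ['__proto__', 'constructor', 'prototype'].indexOf(String(k)) !== -1 })) throw new Error('assocInM: unsafe key in path')` (or return `obj` unchanged if callers cannot handle a throw). The rest of `assocInM` lies outside the hunk, so how `ret` is walked and returned should be checked against this.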