oaiFix: prototype-polluting assignment

[odaysec]

twilio-cli-core/src/services/open-api-client.js

Lines 163 to 166 in 4b71a56

	schema[key] = this.evaluateRefs(value, domain);
	});
	return schema;

Fix the issue need to prevent prototype-polluting keys (__proto__, constructor, prototype) from being used in the evaluateRefs method. This can be achieved by filtering out these keys before assigning values to the schema object. Additionally, we should use a safer data structure, such as a prototype-less object created with Object.create(null), to store the modified schema.

Steps to fix:

1. Modify the evaluateRefs method to filter out dangerous keys (__proto__, constructor, prototype) when iterating over Object.entries(schema).
2. Replace the schema object with a prototype-less object (Object.create(null)) to ensure that even if dangerous keys are accidentally included, they won't affect Object.prototype.

---

Checklist

• I acknowledge that all my contributions will be made under the project's license
• I have made a material change to the repo (functionality, testing, spelling, grammar)
• I have read the Contribution Guidelines and my PR follows them
• I have titled the PR appropriately
• I have updated my branch with the main branch
• I have added tests that prove my fix is effective or that my feature works
• I have added the necessary documentation about the functionality in the appropriate .md file
• I have added inline documentation to the code I modified

If you have questions, please file a support ticket, or create a GitHub Issue in this repository.