diff --git a/index.js b/index.js
index fef5f36..87b6ce3 100644
--- a/index.js
+++ b/index.js
@@ -99,6 +99,10 @@ function createKey(pattern, options) {
 }
 
 function isValidKey(key) {
+  if (typeof key !== 'string' && typeof key !== 'number') {
+    key = String(key);
+  }
+
   return key !== '__proto__' && key !== 'constructor' && key !== 'prototype';
 }
 
diff --git a/test.js b/test.js
index ea93097..f66a9b1 100644
--- a/test.js
+++ b/test.js
@@ -210,3 +210,12 @@ describe('options', function() {
     assert.equal(o.a['{b.c.d}'].e, 'c');
   });
 });
+
+describe('patches', function() {
+  it('should not allow setting an unsafe key', function() {
+    const o = {};
+    assert.equal({}.foo, undefined);
+    set(o, [['__proto__'], 'foo'], 'bar');
+    assert.equal({}.foo, undefined);
+  });
+});