It's a good question and nobody knows for sure, but I think it's pretty damn clear that:
1) This is all about face
2) They're pretty badly disorganised.
Therefore the only risk is if the person who's QR you are using is checked in somewhere else at the same time as you or if the establishment is raided whist you're present.
If you can guarantee that the owner of the QR is not going to attempt to check in at the same time, then that risk is entirely eliminated. But even if you can't guarantee that I predict that the risk is also non existent if coupling with a burner.. You can scan your own QR code and get the "bing bong" and then immediately scan it again 10 seconds later and get another "bing bong" and therefore you will be able to do that in 5 mins, an hour, 12 hours etc. Thus the vaccine pass has no record of when you leave.
Does anybody think that this system is backed by AI so that it can flag an alert if ya QR checks in in central and then 15 mins later checks in in Yuen Long? Even if it could, is someone going to check the CCTV in both locations after the fact and try to figure out what occurred? Is there even CCTV? Are its time codes synced perfectly with the vaccine scanner? Can they void the QR of a legit user and re-issue another one? If they can, how long does that take?
As for being raided - I've never been in an establishment that has been raided (Has anyone here?). Is it still happening? (I guess not). What's the procedure for checking sign in's vs patrons on site?