Sure you can fake the results of an attestation in your fork, but your fork would be using your own key to sign the response, a key that the site can reject.