Hi Pixel Fairy,
Admittedly I haven't looked much into OS X's sandbox technology on what it can do, just read the manual pages and they aren't very helpful.
But somehow I doubt you technically can sandbox vmware-vmx. The only applications I've seen sandboxed after a quick search are user level applications.
The GUI (VMware Fusion.app) runs as a user and you can probably sandbox that part. But that won't help with your goal (at all).
The vmware-vmx processes run not just as root user, but also has dependencies on things like its own kernel modules.
I somehow doubt that the sandbox can fence anything off there. The hypervisor runs at a very low level, heck it even can do stuff like mask off CPU features.
How would that work within a sandbox?
I'm not exactly sure of your threat scenario, but you are correct that VMware Fusion is no Qubes OS. You could automate some part of the workflow if you want, but even then the outset that the Qubes OS team starts from is different. One thing you should probably look at is using non persistent disks, so that when you turn off the VM that everything is forgotten from the last run.
To get back to guest escapes, there haven't been much guest to host escapes in VMware Fusion. If my memory serves me well then the only escapes found so far have involved features that had been provided by VMware Tools. The only one I can remember right now is one involving the virtual printer feature.
That doesn't mean that there aren't other issues, but they are not known in the wild as far as I know at this moment.
Now guest to host escapes on Xen that Qubes is based on.. is a different story.. Not saying that Xen is a bad product, the Qubes OS team had its reasons to use that as a base, but I've also read some rants from Joanna about Xen not taking security as serious as she wants.
If your guest OS lives on the same network as other machines then that particular threat scenario is different from anything else and doesn't really differ from a security standpoint with physical machines.
--
Wil