Run untrusted application safely through sandbox-exec command

Solution 1:

I know it's an old question, but maybe someone will find the answer useful.

The trace operation generates rules in the given output file.

These rules are for operations that would have been denied. (source: Apple Sandbox Guide)

Which means: the operations are not denied by the deny rules if the trace operator is in the profile file.
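
Added example (not part of the original answer and not Apple's tooling): following the answer's reading that a profile containing the trace operation records rules instead of denying, this shell check refuses to launch a command under such a profile. The function names, sample profiles and paths are constructed for illustration, and `;` is assumed to start a comment in the profile language.

```shell
#!/bin/sh
# Added example: guard against running untrusted code under a profile that
# still contains a (trace ...) directive. Function names are hypothetical.

# Succeeds when FILE has a (trace ...) directive outside ';' comments.
# Simplification: a ';' inside a string literal is also treated as a comment.
profile_has_trace() {
    sed 's/;.*$//' "$1" | grep -Eq '\([[:space:]]*trace([[:space:]"]|$)'
}

# Runs CMD under PROFILE only if the profile has no trace directive.
run_sandboxed() {
    profile=$1; shift
    if profile_has_trace "$profile"; then
        echo "refusing: $profile still has (trace ...)" >&2
        return 2
    fi
    sandbox-exec -f "$profile" "$@"
}

# Writes two constructed sample profiles into DIR.
write_sample_profiles() {
    cat > "$1/tracing.sb" <<'EOF'
(version 1)
(trace "/tmp/trace-output.sb")
(deny default)
EOF
    cat > "$1/enforcing.sb" <<'EOF'
(version 1)
; (trace "/tmp/trace-output.sb")  disabled once the rules were collected
(deny default)
EOF
}

# Demo on the constructed profiles; sandbox-exec itself is not invoked here.
demo_dir=$(mktemp -d)
write_sample_profiles "$demo_dir"
for p in "$demo_dir"/tracing.sb "$demo_dir"/enforcing.sb; do
    if profile_has_trace "$p"; then
        echo "$(basename "$p"): trace present, do not use for untrusted code"
    else
        echo "$(basename "$p"): no trace directive"
    fi
done
rm -rf "$demo_dir"
```

Call it as `run_sandboxed profile.sb /path/to/app args...`; it returns 2 without starting the command when the profile still traces.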