Try this with an installation which is thousands of km away from your base depot, in a country tens of thousands of km away from the country of manufacture.
In many cases, stuff trundles on happily for years, spare units were either not obtained, or were all used in earlier years, but when this device dies, it needs immediate repair, as it means loss of income to your customer.
And you think someone there is magically capable of troubleshooting the issue to a blown MOSFET, getting a spare MOSFET, replacing it, and getting it back running? FYI, the MOSFET gate driver (often the DC/DC controller) is very likely blown as well, and because they blow short, a number of upstream components can be toast, too.
Finally, using a transformer does not even guarantee safety to the downstream parts as suggested by treez. A crowbar + fuse could be more appropriate.
No, in such cases either complete units, or replacement modules, are used.
In any case, this doesn't make a lot of sense. If the designer fucks up such a basic design so that it blows MOSFETs randomly, what makes you think it always and only blows that one specific MOSFET which causes no further damage thanks to the transformer isolation? The problem could be after the secondary side of the transformer; actually it's likely there, assuming most of the design work and the largest part of the circuit is on that side.
Do you think that adding major complications like transformers makes the design more robust? If the designer struggles building a non-isolated buck which does not blow the MOSFETs, how do you think they are able to design a transformer-isolated version of the circuit, which increases the design complexity by an order of magnitude? For example, depending on the topology of course, a transformer brings leakage inductances and much higher parasitic ringing energy and voltages into play, increasing the stress on the transistors. So now you are designing snubbers you didn't need with the simple buck.
Adding complexity to add robustness is seldom an answer. Simulation and prototype verification by measurements are. Adding true redundancy is. Specifying maintenance procedures beforehand, securing the availability of spare modules/units is.
I'm really assuming here we are talking about an integrated product the power supply is part of, where the complete control is on OP's company's shoulders. As hinted earlier, if this is a power supply designed to power expensive or specialized external loads, by all means add extra layers of safety to prevent ever exceeding the output voltage spec, even under failure conditions. And for this, again, I suggest a crowbar circuit instead of adding isolation and thinking it solves the problem. After all, a shorted high-side MOSFET in a non-isolated buck isn't the only case which can cause overvoltage on the output. Failure of the voltage reference or either of the feedback resistors are obvious possibilities as well. A separate output voltage monitor / crowbar protects from all such possibilities.