Give all the switches IP's from the management VLAN - ie VLAN1 and set the core as the default route. It will only complicate things moving the management vlan to something else, I can't see why it would be more secure? All clients should be using the core switch as the default gateway. I think you may be confusing things - VLANs work at Layer 2 but the routing is working at layer 3.
On the edge switches would the default gateway be the main management IP address of the core switch (what would usually be in VLAN 1 but as you say might be safer moved to something separate). In what circumstances would the edge switches use this as in theory all the clients should be using the gateway of the VLAN they're in?